What is Phishing?
Understanding the Common Types of Phishing
Definition of Phishing
Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker[1] or to deploy malicious software on the victim’s infrastructure like ransomware.
The Problem with Phishing
As of 2020, phishing is by far the most common attack performed by cybercriminals, the FBI‘s Internet Crime Complaint Centre recording over twice as many incidents of phishing than any other type of computer crime.[3]
Critical Types of Phishing
There are many types of phishing, but these are the nine most common that we see regularly.
This type of attack tricks the user into giving up their credentials by representing a near-copy of a legitimate web page.
Capable of updating or downloading JavaScript, these malicious apps and extensions downloaded script to control the complete browser canvas.
A form of phishing that utilizes mobile devices as an attack vector. Initiated as a text message disguised as a text from a bank or trusted brand.
The goal of social engineering is to motivate a user to complete a form or install something to access information or money.
Spear phishing targets a smaller group or a specific department in an organization. It isn’t easy to detect as it appears to come from a sender closely aligned with the recipient.
Supply chain attacks are when a cybercriminal infiltrates an organization through an outside partner or vendor with access to internal systems.
BEC attacks often request for funds to be sent, or wire transferred to pay an invoice or for a service. The targets are employees with access to bank information, like accounts payable or finance.
The exact functionality of Man-in-the-Middle attacks is collecting and selling data from victim organizations.
A form of phishing that utilizes mobile devices as an attack vector. Initiated as a text message disguised as a text from a bank or trusted brand.
It’s Time to Get Started with SlashNext
Learn how to leverage the industry’s best zero-hour phishing protection and IR solutions in your environment.
6701 Koll Center Parkway, Suite 250
Pleasanton CA 94566
800.930.8643
info@slashnext.com
© All Rights Reserved, SlashNext, Inc.