
What Is Phishing, and How Do You Avoid It


What Is Phishing?

In its most basic form, phishing is a scam in which a victim is tricked into sharing sensitive information or downloading ransomware. Emails and SMS messages are the most commonly used phishing methods. Most phishing attacks are easy to spot and fail to impersonate a person of authority.

Phishing Schemes Aren’t Just For Individuals

According to a Proofpoint report, over 55% of businesses fell victim to a phishing attack in 2020. Many of these attacks were enabled by phishing. Government organizations are also a target for phishing attacks. Over half of full-time workers know nothing about phishing, so it's important to learn about it yourself.

Phishing Attacks - What Are They?

Email Phishing: This is the most common form of phishing. A scammer impersonates a popular website or personality, such as Amazon or a politician, to steal your information or trick you into downloading ransomware. Scammers can even create a custom domain name to make their email look "official".

Spear Phishing: Scammers who want to reach a specific target resort to "spear phishing". They collect information about their victim before impersonating a trusted person, a company, or an automated message.

Clone Phishing: Most phishing emails are randomly sent to victims. But in some cases, a scammer will send you a duplicate version of an authentic email. For example, if you receive an order confirmation, a hacker can send a copied "order confirmation" with malicious links or attachments.

Pop-up Phishing: The use of pop-ups for scams and malware is still common. Modern pop-up phishing attacks typically use a browser's notification settings to send you "antivirus alerts".

Angler Phishing: Scammers can "angle phish" victims through social media. Basically, scammers use social media to impersonate a public figure or a business. For example, someone can impersonate a YouTuber to share misleading "contest" links in the comments of a video. 

Whaling: When a phishing attack targets an important person, such as a CEO, it is called "whaling". These targets are often rich or easy to blackmail, or they have access to a company's backend.

Smishing and Vishing: These terms describe phishing via SMS or phone call. Most of the spam messages or automated calls you receive are forms of "smishing" or "vishing".

How to Avoid Phishing Attacks

Because of the rise in remote work, phishing is more popular than ever. Make sure you carefully examine all emails and SMS messages you receive. 

Verify the source of any URL or file that someone sends you before opening it. Use a password manager to create unique passwords for every account, and enable 2FA on all websites.
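One way to check where a link really leads before opening it, as an added example that is not part of the original article. The trusted-domain list, the function names and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: domains this reader really expects links from (constructed list).
TRUSTED = {"amazon.com", "paypal.com"}

def link_host(url):
    """Return the host the browser would actually connect to."""
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()

def check_link(url, trusted=TRUSTED):
    """Return 'trusted', 'unknown host ...', or 'suspicious: <reason>'."""
    host = link_host(url)
    # Everything before '@' is a username, not the site: a.com@b.example -> b.example
    if urlsplit(url).username is not None:
        return f"suspicious: text before @ hides real host {host}"
    # Non-ASCII or punycode (xn--) labels can render as look-alike letters.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return f"suspicious: internationalized host {host}"
    # Trusted only if the host IS the domain or a true subdomain of it.
    if any(host == d or host.endswith("." + d) for d in trusted):
        return "trusted"
    # A brand name inside some other domain is the usual "official" look.
    if any(d.split(".")[0] in host for d in trusted):
        return f"suspicious: brand name inside unrelated host {host}"
    return f"unknown host {host}"

if __name__ == "__main__":
    # Constructed sample links, as they might appear in a cloned order email.
    samples = [
        "https://www.amazon.com/orders",
        "https://amazon.com@evil.example/login",
        "https://amazon.com.account-verify.example/",
        "https://xn--amzon-constructed.example/",
        "https://news.example.org/",
    ]
    for url in samples:
        print(f"{check_link(url):65} {url}")
```

A result of "unknown host" is not a verdict either way; it only means the link does not belong to a domain on the list.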

How to Stop a Phishing Attack

According to the U.S. Federal Trade Commission, you should report all phishing attacks to the Report Fraud website and forward phishing text messages to SPAM (7726). 

When you are targeted by phishing, it's time to take harm reduction measures. Make sure your passwords are updated on all sensitive or affected accounts and enable two-factor authentication (2FA) to keep scammers out. 


If a scammer gets your credit card information or bank details, tell your bank and freeze your credit cards. If you open a malicious attachment or download suspicious software, take the affected device offline and run an antivirus scan or factory reset the device.