Member-only story
Hi everyone, welcome back. Phishing is an attempt for attackers to retrieve sensitive information by tricking a user. For example, attackers may create a fake website that looks like another popular website such as Google or Facebook and ask the user to provide login info. If the user gives his or her login info into the fake website, that info is now accessible to the attacker. Many times, attackers make fake websites that pretend to be social media or shopping websites. Phishing can also come in other forms such as instant messaging, and we will go over that here.
Spear Phishing
Spear phishing is when a specific target or victim is researched in an attempt to successfully retrieve information. After an attacker has enough knowledge on their victim, they can create an email or text message that looks like it comes from a trusted sender.
Whaling
Whaling is a phishing technique that targets high ranking employees, the “big fish”, in a company. High ranking employees have more access over financials and data within a company, making them a more valuable phishing target. Attackers can then use fake websites and emails that may appear to come from trusted senders such as business partners or banks to retrieve sensitive information or money.
