Phishing is a type of fraud where the perpetrator sends an email to many people to trick them into giving up personal information such as passwords, credit card numbers, and bank account details.
The term ‘phishing’ comes from the practice of fishing for fish by using a lure. The lure is often a fake version of something desirable, such as money or goods. In this case, it’s an email that looks like it’s coming from someone you know and trust. It usually asks for personal information or payment in exchange for access to something desirable (such as your account).
What do fraudsters want?
Phishers are hackers who use phishing emails to steal personal information from their victims. This can be done through social engineering – getting people to divulge their login credentials by pretending they are legitimate requests. Cybertalk.org provides in-depth information on how to avoid becoming a victim of phishing.
Deceptive phishing is one of the most common methods used by fraudsters. Fraudsters impersonate an organisation to steal personal information. The email may claim you need to check your account via a link they provide. This link takes you to a site that may look like the organisation being impersonated.
If you enter your account details, your information is compromised.
As the name implies, spear phishing is less indiscriminate and often targeted at an individual. The fraudsters may use your name and other data about you to make you believe they are legitimate. However, their objective is the same – to get you onto a spoofed website to steal your personal information.
Whaling is basically the same as spear phishing, except the intended victim is likely a senior executive in a large business, and a whaler would go as far as to fake a ransom demand to get the desired information.
The objective of all phishing scams is generally the same: to steal your data.
Vishing is a combination of voice phishing and email phishing. It involves the criminal calling you (vishing you), pretending to be from an organisation such as your bank or telco, then asking for your personal information.
Smishing is the same as vishing, but it uses SMS text messages to initiate contact. They often claim there is a problem with your account and will ask you to reply by text message with personal information.
How to protect yourself against phishing
The best method for protecting yourself against phishing is education, particularly among younger people. They often have the most to lose from the scam. However, even if you are more computer savvy, it’s important to remain vigilant. Phishing emails can appear very credible – they may have been sent from your own email address, or they may be sent from an address that looks similar.
Carefully check the domain name of any site you visit, and make sure that it matches the company’s actual domain name as fraudsters often set up fake websites with a similar domain name.
This is a virtual world, and the internet is the perfect tool for fraudsters to target you. They will try and get you onto websites that look authentic but are, in fact, fraudulent in some way.