What is a Phishing attack?
A phishing attack is one in which an attacker tries to trick a person into giving away information that the attacker can then use to attack an organisation.
Phishing is a type of cyber attack where hackers trick people into giving away sensitive information (such as passwords, credit card details, or personal data) by pretending to be a trusted entity (e.g., a bank, employer, or government agency).
How Does Phishing Work?
- The attacker sends a fake email, message, or website link.
- The victim clicks on the link or downloads an attachment.
- The attacker steals login credentials, installs malware, or gains unauthorized access.
Common Types of Phishing Attacks:
- Email Phishing – Fake emails impersonating companies (e.g., PayPal, Microsoft, or a bank).
- Spear Phishing – Targeted attacks on specific individuals using personal details.
- Whaling – Phishing attacks targeting high-profile executives or CEOs.
- Smishing (SMS Phishing) – Fraudulent text messages with malicious links.
- Vishing (Voice Phishing) – Fake phone calls pretending to be from banks or tech support.
- Clone Phishing – A copied version of a legitimate email with malicious links.
How to Protect Yourself from Phishing:
✅ Verify the sender – Check email addresses carefully.
✅ Hover over links – Don’t click on suspicious links; check URLs before opening.
✅ Use multi-factor authentication (MFA) – Adds an extra layer of security.
✅ Watch for urgent requests – Phishing emails often create a sense of urgency.
✅ Keep software updated – Security patches help prevent attacks.
✅ Use anti-phishing tools – Security software and browser extensions can block phishing sites.
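As an added example (not part of the original page), the first two checks in the list above, verifying the sender and comparing a link's visible text with where it really points, can be automated for a raw message. The `review_message` helper, the allow-list of trusted domains and the sample message are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

URL_LIKE = re.compile(r"^\s*(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?\s*$", re.I)

class LinkCollector(HTMLParser):  # collects [href, visible text] for each <a>
    def __init__(self):
        super().__init__()
        self.links, self.in_link = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self.in_link = True
    def handle_endtag(self, tag):
        self.in_link = self.in_link and tag != "a"
    def handle_data(self, data):
        if self.in_link:
            self.links[-1][1] += data

def host(value):  # lower-cased host of a URL or URL-like text, minus a leading "www."
    parsed = urlparse(value.strip() if "://" in value else "//" + value.strip())
    return (parsed.hostname or "").lower().removeprefix("www.")

def review_message(raw, trusted_domains):
    """Return warnings for one raw message; trusted_domains is an assumed allow-list."""
    msg, warnings = message_from_string(raw), []
    display, addr = parseaddr(msg.get("From", ""))
    sender = addr.rpartition("@")[2].lower()
    for dom in trusted_domains:  # verify the sender: name claims a brand, address disagrees
        brand = dom.split(".")[0]
        if brand in display.lower() and sender != dom and not sender.endswith("." + dom):
            warnings.append(f"sender: name mentions {brand} but address is @{sender}")
    collector = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    for href, text in collector.links:  # what hovering over the link would reveal
        if URL_LIKE.match(text) and host(text) != host(href):
            warnings.append(f"link: text shows {host(text)} but opens {host(href)}")
    return warnings

# Constructed sample message using reserved .example domains, not a real email.
SAMPLE = ('From: "ExampleBank Support" <support@examplebank-alerts.example>\n'
          "Subject: Urgent: verify your account\nContent-Type: text/html\n\n"
          '<a href="http://login.examplebank-alerts.example/verify">www.examplebank.example/login</a>\n')
if __name__ == "__main__":
    print("\n".join(review_message(SAMPLE, ["examplebank.example"])))
```

Links whose visible text is not URL-like (for example "Click here") are not judged by this check, so the destination still needs to be read before opening.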
What to Do If You Get Phished?
🚨 Change your passwords immediately.
🚨 Report the phishing attempt (to your IT team, email provider, or authorities).
🚨 Monitor your accounts for unusual activity.