Phishing
Cards (5)
- Phishing:
- Attacker sends emails masquerading as a trusted entity (such as a bank) to a bulk of recipients to obtain sensitive information
- Not targeted at any particular group, sent in bulk to cast a wide net and obtain information from whoever they can
- Spear Phishing:
- Targeted phishing attack aimed at a specific group
- Exploits a list of specific users and their email addresses to target those users
- In the instance of a bank, receiving a message from a bank not used may indicate a phishing email, but if it comes from the actual bank, individuals might be more susceptible to respond
- Spear phishing significantly increases the success rate for the attacker
- Whaling:
- Phishing attack targeting high-value individuals like a CEO
- Custom-built attacks to increase the odds of success
- Vishing:
- Phishing attempts using voice communication technologies
- Attackers spoof calls from legitimate entities to gain useful information