What is Phishing

Phishing is pronounced Fishing and it means just that. But, instead of trying to hook fish in ponds, the phisher trys to hook computer users through the internet.

There are two types of phishing: Phishing and Spear Phishing.

Classic Phishing

Classic Phishing is when criminals setup a fake login page for a bank then send millions of emails telling users they need to update security. They play a numbers game. For every million they send, 10 or 100 may actually use the bank and fall for the trick.

Another variation may use one person to trick others. Such as someone getting access to your email and immediately sending email to every person in the address book. They impersonate you, claiming to be out of the country traveling, robbed and asking for a wire transfer. Most of your friends and associates won’t fall for this trick any more.

Spear Phishing

Spear Phishing is a targeted attack. One example is hackers getting your email login. They can sit back and watch your email. If they are patient, they will see what banks you use and what friends you correspond with. They will slowly learn your daily habits. When the time is just right, they can strike. Another, more likely variety when they stealing a historical dump of your emails. They can mine old emails to determine information and target you with what may seem most credible.

Other Links