Skip to content

What is phishing and how to prevent being phished?

Phishing is a type of cyber attack where fraudsters attempt to trick individuals into revealing sensitive information, such as usernames, passwords, credit card details, or Social Security numbers. Here are some common examples of phishing attacks on the internet:

Email Phishing

  • A victim receives an email that appears to be from a legitimate organization, such as a bank or an online service provider. The email typically asks the recipient to click on a link and provide personal information or login credentials on a fake website designed to look genuine.
  • Example: An email from “[email protected]” claiming there is an issue with your account and urging you to click on a link to update your login credentials.

Spear Phishing

  • This is a targeted form of phishing where attackers customize their messages to appear more authentic and relevant to the recipient. They may gather personal information about the victim from various sources to increase the chances of success.
  • Example: An email that appears to come from your workplace’s HR department, requesting you to update your employee information through a link provided.


  • In smishing attacks, fraudsters use text messages (SMS) instead of emails to trick victims into divulging personal information or clicking on malicious links. These messages often appear to be from a legitimate source, such as a bank or a delivery service.
  • Example: A text message claiming to be from a popular shipping company, stating that a package delivery is pending, and instructing you to click on a link for further details.


  • Vishing involves fraudulent voice calls where scammers impersonate a trusted entity, such as a bank representative or a government agency. They manipulate victims into revealing sensitive information over the phone, often by creating a sense of urgency or fear.
  • Example: A caller pretending to be from your bank’s fraud department, informing you of unauthorized transactions and asking for your account details and PIN for verification.

Clone Websites

  • Attackers create exact replicas of legitimate websites to deceive victims into entering their login credentials or personal information. These cloned websites may have slight variations in the URL or design that may go unnoticed by unsuspecting users.
  • Example: A fake banking website designed to look identical to the real bank’s website, with the intention of capturing users’ login credentials.

Social Media Phishing

  • Fraudsters create fake social media profiles or posts that mimic well-known brands or friends to lure users into clicking on malicious links or sharing personal information.
  • Example: A Facebook post offering a limited-time giveaway from a popular brand, requesting users to provide personal information to claim the prize.

Malware-Based Phishing

  • Phishing attacks can also involve malware, where victims unknowingly download malicious software by clicking on links or opening attachments in phishing emails. This malware can steal personal information or give attackers control over the victim’s device.
  • Example: An email appearing to be from a shipping company, containing an attachment that, once opened, installs malware on the victim’s computer.

How to prevent being phished?

To prevent falling victim to phishing attacks, consider the following precautions:

  • Be cautious of unsolicited requests for personal information and avoid clicking on suspicious links.
  • Verify the authenticity of emails, messages, or calls by contacting the organization directly using the official contact information.
  • Check for signs of phishing, such as misspellings, generic greetings, or suspicious email addresses.
  • Keep your devices and software up to date with the latest security patches.
  • Use security software, such as antivirus and anti-malware programs, to detect and block phishing attempts.
  • Educate yourself and stay informed about common phishing techniques and red flags.

Always vigilant, being skeptical of unsolicited requests, and verifying the legitimacy of communications can help protect you from falling prey to phishing attacks.

Leave a Reply