What is phishing?

Phishing is the attempt to acquire personal information (such as a password or credit card number), generally for malicious purposes, by assuming the identity of a trusted authority. One common form of phishing is an email pretending to be from a user's bank, asking the user to enter their online banking login information on another site.

How does phishing work?

Phishing is a homophone of fishing, a sport where bait is used to lure victims. Instead of using malware, a virus, or a hack to access private information, phishers rely on social engineering: making someone believe something that is not true, usually by impersonating a trusted authority or an acquaintance in dire need of assistance.

Credit card information, usernames, and passwords are all common targets of phishing. Phishing can be guarded against by never giving up these types of information over unencrypted channels like email, non-HTTPS websites, and chat apps.
