Phishing Meaning :
Phishing is a scam planned to gather confidential personal information using deceptive emails and websites. One of the easiest forms of cyber attack for a criminal to carry out, phishing is becoming increasingly sophisticated.
6 Eye-opening Facts About Phishing Scams
- 30% of phishing messages get opened by targeted users and 12% of those users click on the malicious attachment or link. (Verizon Data Breach Investigations Report)
- Nearly 1.5 million new phishing sites are created each month. (Webroot Threat Report)
- 95% of all attacks on enterprise networks are the result of successful spear phishing. (SANS Institute)
- 76% of businesses reported being a victim of a phishing attack in the last year. (Wombat Security State of the Phish)
- Fake invoice messages are the #1 type of phishing lure. (Internet Security Threat Report (ISTR))
- Apple IDs are the #1 target for credential theft emails. (Proofpoint)
Four Most Common Types of Phishing
- DECEPTIVE PHISHING
Fraudsters create a fake login page, send out mass emails asking victims to verify account, steal their details and access their bank accounts.
- SPEAR PHISHING
Fraudsters scam victims using a customised message crafted to a targeted person in an organisation to gain trust so that victims will submit their personal data without hesitation.
Fraudsters hijack victim website domain name and redirect visitors to other malicious websites by confusing the visitors. Victims will then be scammed on the malicious website, which looks almost 100% same with the real website.
- GOOGLE DOCS
An invitation is sent by fraudsters to ask the victims to view documents on some convincing landing page, for example, Google docs. Attackers will then access your Gmail, Google Play and other Google Account.