Definition:
Phishing is a social engineering attack in which an attacker poses as a legitimate entity to trick individuals into providing sensitive information, such as usernames, passwords, or credit card numbers.
Use Cases:
- Used by attackers to steal login credentials or financial information from unsuspecting users.
- Employed in email-based attacks to direct victims to fake websites that mimic legitimate ones.
Related Terms:
Questions and Answers:
- How can individuals recognize phishing attempts?
Signs of phishing include unexpected emails asking for sensitive information, suspicious links, and email addresses that don't match the sender's legitimate domain.
- What are the most common types of phishing attacks?
Common types include email phishing, spear phishing (targeted attacks), and smishing (SMS phishing).
- How can organizations prevent phishing attacks?
Organizations can prevent phishing by using email filtering, educating employees on phishing signs, and implementing multi-factor authentication.