Common Phishing Attacks

In 2019, one third of security breaches involved some sort of phishing attack. As these attacks are becoming more and more sophisticated and involve multiple ways to gather information, it is important to understand all the different kinds of phishing attacks that are committed, how they work and how to prevent yourself from falling victim to these scammers and hackers.

As you will recall from earlier, phishing is the method of trying to gain sensitive information such as usernames, passwords, personal details through deceptive emails and websites. There are quite a few different phishing attacks that happen, but for this lesson we are going to focus on the ones that we as individuals are most likely to experience.

Below are 4 common types of phishing attacks. From receiving emails, phone calls, and even text messages, there are different ways for scammers to get in contact with us so let’s take a look!

Types of Phishing Attacks

Deceptive Phishing: Deceptive Phishing when scammers send fake emails to individuals to attempt to gain personal or confidential information. This is the most common type of phishing attack​.

Vishing: Vishing is when scammers will try to contact you by calling your phone. ​For example, if someone calls you claiming to be from the CRA and stating that you must pay money to avoid arrest, this would be an attempt at a Vishing attack.

Smishing: Smishing is when scammers will send text messages​. These messages often try to appear like the message is coming from a larger company. For example, you may receive a message from a bank claiming that your account has been suspended and you are asked to provide billing information. There may be a link on the message to trick you in clicking it.

Pharming: Pharming is when the attacker changes a website URL path (think of this as the address) to another location​ and often the separate site a person is taken to will look like the real website.

How does Phishing work?

Let’s think of it like actual fishing. There is the fisherman who places bait onto a hook and throws it into the water hoping for a fish to bite. This is what scammers do. The bait is a message, and the fish are people who the messages are being sent to, but luckily for us there are ways to spot phishing attacks!