The types of phishing attacks are continually evolving. However, many fall within one of these five types of phishing attacks.
Spear Phishing
Spear phishing is a tactic that uses personalized emails or messages to convince you into clicking on a malicious link or email attachment. When you do, you may be giving the bad guys personal information that they can cause you harm with. When using spear phishing attacks, con artists customize their emails with your name, phone number, or other bits of information in an attempt to make you believe the email or message is from a legitimate source. Remember, when you consider replying to an email, double check to make sure it is legitimate.
Email Spoofing (Name Impersonation)
Email spoofing uses the name of a person or organization that you are familiar with. By using a familiar name, the attackers hope to get you to click on their link. Once you click on it, the bad guys then use various techniques to get you to hand over personal information. The best way to avoid email spoofing attacks is to read the sender’s email address carefully. If anything doesn’t appear to be normal, consider not clicking on the link.
Website Spoofing
Website spoofing is similar to email spoofing but is more complicated on the part of the attackers. When website spoofing, attackers copy a legitimate website and use it on their con artist fake web address. These websites are often nearly indistinguishable from legitimate sites. Therefore, if you are concerned that a website contained in an email or message may not be authentic, don’t click on any links. Instead, open a new browser window and manually search for the site on your own. Once you’re sure that you’re on a legitimate site, contact the person or organization through the legitimate site or phone number.
Clone Phishing
Clone phishing happens when bad guys attack a person’s email account by using a previously sent email that contains a link or attachment to make you think the cloned email is legitimate. Criminals replace the link or attachment from the legitimate email with a malicious link or attachment in their fake email. The phony email is then forwarded to the contact list from the victim’s inbox. The criminal’s hope that the recipients of the cloned email will believe it to be legitimate and click on the link or attachment.
Image Phishing
Do you receive emails that contain images? If so, then you need to use caution because it could be a phishing attack. Scammers use pictures and other types of media to infect your systems. There are a couple of ways for bad guys to embed a phishing image in an email. The first is by linking an image in the email or message to the malicious web address. The second is to send an attachment, such as a photo or other type of media file, with a virus embedded in the file that infects your computer when you open the attachment. The best way to avoid image phishing attacks is to not open or click on links from unknown sources. Don’t forget, you don’t have to click on everything people send you. Far from it, instead, be wary about emails from sources that are unknown or seem out of the norm.