Optiv Cybersecurity Dictionary

What is Phishing?

Phishing is a fraudulent attempt to trick individuals into divulging sensitive information (usernames, passwords and banking details) by pretending to be a trusted source, often through an email communication.


A phishing email may look legitimate and official, perhaps even with the correct logos of the supposed source, but will link to a malicious website or include an attachment with some type of malware. 


Spear phishing is a type of phishing that is even more targeted and personalized in how it’s presented to the victim. The success of spear phishing depends upon three things: the apparent source must appear to be trustworthy; there is information within the message that supports its validity, and the request seems to have a logical basis. To avoid falling victim, organizations must train employees to be suspicious of unexpected requests for confidential information and not to divulge personal data in emails or clicking on links in messages unless they’re 100% sure of the source.


Phishing: Why It Matters


Almost doubling in total incidents from 2019, phishing was cybercrime’s undisputed flavor of the year in 2020.1 In fact, out of the total reported cyber breaches in 2020, phishing was involved in a whopping 43%.2 2021’s data is still rolling in, and there’s every indication that phishing scams aren’t finished spiking in both frequency and sophistication. 


It’s estimated that 96% of phishing threats are delivered via email, and that’s why careful clicking habits cannot be overemphasized enough for organizations and individuals.2 Once users let their guard down and take a hacker’s bait, they can be reeled into all manner of compounding cyberattacks, including ransomware.  



Phishing Solution


Phishing threats succeed due to lack of cybersecurity awareness. Whether at home or work, you can avoid the bait by clicking with care and staying wary of suspicious emails, texts and direct messages on social media. 


Are you an organization and need a hand training your people? We’ve got a wide variety of eLearning courses and simulated phishing services designed to help you meet compliance requirements, minimize risks posed by your end users and maximize data security.


Take a Look

Cyber Education Social Share Image

Related Terms

Other Sources:


Contact Us