Phishing is a fraudulent attempt to trick individuals into divulging sensitive information (usernames, passwords and banking details) by pretending to be a trusted source, often through an email communication.


The phishing email may look legitimate and official, perhaps even with the correct logos of the supposed source, but will include links to a fraudulent website or some type of malware.  Spear phishing is a type of phishing that is even more targeted and personalized in the way it is presented to the victim. The success of spear phishing depends upon three things: The apparent source must appear to be a known and trusted individual; there is information within the message that supports its validity, and the request the individual makes seems to have a logical basis. To avoid this, organizations must train employees to be suspicious of unexpected requests for confidential information, not divulging personal data in emails or clicking on links in messages unless they are 100% sure of the source. 


Seeking Clarity?

View the Cybersecurity Dictionary for top terms searched by your peers.