Phishing
Definition
Phishing is a type of cyberattack in which an attacker impersonates a legitimate source to trick individuals into revealing sensitive information, clicking malicious links, or downloading harmful files.
Examples
- A user receives an email pretending to be from their bank, asking them to verify account details through a fake login page.
- An employee clicks on a link in a fake HR email and unknowingly installs malware on their company device.
Overview
Phishing is a common form of social engineering attack where cybercriminals manipulate human behavior to gain access to confidential information, such as passwords, credit card numbers, or internal company systems. These attacks typically arrive in the form of emails, messages, or phone calls that appear to come from trusted sources — such as banks, service providers, or even colleagues.
Unlike traditional hacking methods that exploit software vulnerabilities, phishing preys on the target’s trust, curiosity, fear, or urgency. The attacker’s goal is usually to steal credentials, deliver malware, or trick users into taking actions that compromise systems. Phishing is not only widespread, but also constantly evolving in sophistication and targeting methods.