logo

Command Palette

Search for a command to run...
Glossary Phishing

What Is Phishing?

Phishing is type of social engineering attack where attackers potray as trusted entities either banks, cloud services, working mate, etc to trick victim so they reveal their sensitive information like password, credit card number or other credentials. Phishing can occur in various medium like email, SMS, phone call, or fake website

Why Phishing Matters in Cybersecurity

Phising becoming the most dangerous attack methods. Often become jumping stone for larger damage, malware infection, ransomeware, etc. Even organization with strong security system can be defeated by phising since it exploit human trust instead of technical vulnerabilities.

Common Types of Phishing

  • Email Phishing : fake email act like legitimate messages
  • Spear Phishing : Very targeted phishing with goal to specifics individual with high profile in organization
  • Smishing : Phishing attacks delivered through SMS or messaging apps
  • Vishing : Phishing attack through phone calls
  • Clone Phishing : Attackers copies a original email and modified links or attachment with malicious one

Signs of a Phishing Attack

  • Suspicious sender address
  • Demanding quick action (”reset your password now”)
  • Very slighty Misspelled domain
  • Ask for sensitive informations (passwords, banking details, credit card, etc)
  • Suspicious attachments or links

Example

A victim receives an email mention that from their bank, asking victim to “verify account”.

The email include link to fake a website login that pretend to identical the real one. Once victim enter their credentials to the fake website, the attackers steal them and gain access to their real bank account

How to Defend Against Phishing

  • Enable MFA (Multi-Factor Authentication) to protect account even if credential are stolen
  • Train employees about phishing awareness
  • Use email security gateways and spam filter to avoid suspicious emails
  • Check suspicious links or attachments before clicking them
  • Implement least privileges to limit damage of compromised account
  • Spear Phishing
  • Malware
  • Social Engineering
  • MFA
  • Ransomware

Next Steps

Ready to secure your applications? Choose your path forward.

Start Free Trial

Try Plexicus risk-free for 14 days

View Pricing

Transparent pricing for teams of all sizes

Join Community

Join our Global Community

Read Documentation

Read our Comprehensice Documentation

Join 500+ companies already securing their applications with Plexicus

SOC 2 Compliant
ISO 27001 Certified
Enterprise Ready