Phishing
Phishing is a fraudulent attempt to obtain personal or financial information by impersonating a trusted organization or individual, often via deceptive emails.
Phishing is a deceptive email tactic where attackers impersonate trusted senders to steal information or money.
Definition and examples
Phishing is a form of cybercrime where attackers send deceptive communications that appear to come from a reputable source, such as a bank, online service, or colleague. These messages typically include urgent requests to click a link, download an attachment, or provide login credentials or financial details. Unlike legitimate marketing emails, phishing attempts are designed to trick recipients into revealing sensitive information or installing malware on their devices.
Why it matters
It matters because phishing creates real security risk and trains people to distrust email. The more common it becomes, the harder legitimate senders have to work to earn confidence.
How phishing attacks work
Attackers begin by gathering information about targets from social media, company websites, and public records. They identify key personnel, vendors, and business relationships, study communication patterns and company procedures, and then create fake email addresses and domains that mimic legitimate sources.
Common mistakes
A common mistake is making the term sound more complicated than it is in practice. The clearest explanation is usually the most useful one.
Key takeaways
Phishing attacks pose serious risks to both businesses and individuals through email impersonation
Proper email authentication (SPF, DKIM, DMARC) is essential for preventing domain spoofing
Legitimate email marketers must protect their brands from impersonation attempts