What is Phishing

The art of trying to gain sensitive information through impersonating a legitimate organization and individual interacts with. Learn more in: Guarding Corporate Data from Social Engineering Attacks

Trying to obtain sensitive information (usernames, passwords and credit card information) by masquerading as a trusted party in an electronic communication. Learn more in: Security Issues of Smartphones Regarding M-Commerce

A deceptive normally online attempt by an attacker to obtain user’s confidential information for financial gain. Learn more in: Cyber Security Competency Model Based on Learning Theories and Learning Continuum Hierarchy

A type of fraud whereby a criminal attempts to trick their victim into accepting a false identity presented by the criminal. The common application of this approach is to send fake e-mails to a victim purporting to come from a legitimate source and requesting information or directing the victim to a fake Internet website where this information can be captured. Learn more in: Ransomware: A New Cyber Hijacking Threat to Enterprises

A scam using fraudulent emails and websites to steal personal information for financial gain. Learn more in: Emerging Cybercrime Variants in the Socio-Technical Space

Stealing from users their confidential data (like logins and passwords) by deceptive alert email messages and Web sites. Learn more in: Trustworthy Computing

Using fraudulent emails to direct users to websites that mimic valid websites in order to obtain private information. Learn more in: Social Engineering and its Countermeasures

An activity based upon social engineering, where perpetuators or phishers attempt to exploit the trustworthiness of individuals to reveal personal information, such as user name, passwords, credit card numbers, banking information, and so forth. Communications is attempted by several means - e-mail, phone, letters - but most often carried out by e-mail due to the ease and relative ease in which phishers can obtain mailing lists with thousands of e-mail addresses. Phishing techniques are varied and often very business looking stating that your financial institution needs you to update your records immediately or your account will be locked. Phishers do not really know your banking institution, but after they send out 10,000 e-mails, the chances are good that some of those e-mail addresses actually conduct business with the named institution in the e-mail. It is the unsuspected individual who does not identify this as such, and instead of calling his or her financial institution, offers their valuable information, often at a Web site that looks identical to their main institution. Learn more in: Combating Computer Fraud

A form of spoofing, where users are tricked into providing personal identification information because thieves have stolen the “look and feel” of a legitimate site. Learn more in: Online Privacy Issues

10.

A deception involving email as bait to get victims to go to a Web site where their personal information can be stolen. Learn more in: The Ethics of Deception in Cyberspace

11.

Phishing refers to the use of emails and websites to ‘fish’ for personal information such as credit card numbers, back account information and passwords to use for fraudulent purposes. Learn more in: Cyber Identity Theft

12.

13.

A two-stage attack enticing victims to submit their personal information to a fake web site. Learn more in: Identity Theft through the Web

14.

A type of identity theft where criminals blast emails to a mass audience in their malicious attempt to bait you into fake websites or also knows as ‘online identity fraud’. Learn more in: Security Policy Issues in Internet Banking in Malaysia

15.

This is a type of electronic mail attack that attempts to convince the user that the originator is genuine, but with the intention of obtaining information for use in social engineering. Learn more in: Can Total Quality Management Exist in Cyber Security: Is It Present? Are We Safe?

16.

An attempt to acquire personal information by impersonating as a trustworthy entity in an electronic communication. Learn more in: A Routine Activity Theory-Based Framework for Combating Cybercrime

17.

Kind of cybercrime committed through social engineering with the intention of obtaining confidential information like passwords or PINs. Learn more in: Honeypots and Honeynets: Analysis and Case Study

18.

Phishing is a type of e-mail fraud in which a perpetrator attempts to acquire sensitive information (such as bank financial pin) for malicious reasons. Learn more in: Use of Social Media for Policing

19.

Phishing as “a type of attack that communicates socially engineered messages to humans via electronic communication channels in order to persuade them to perform certain actions for the attacker’s benefit” ( Bottazzi et al., 2015 ). Learn more in: Mobile Apps Threats

20.

A technology-based social engineering attack that relies on appealing to human vulnerability factors via the dissemination of deceptive emails which lead users to clicking on malicious links and/or sharing sensitive information on fraudulent websites. Learn more in: Social Engineering in Information Security Breaches and the Factors That Explain Its Success: An Organizational Perspective

21.

A technique used by hackers to obtain confidential information from victims by sending illegitimate emails that look legitimate. Learn more in: The Age of Ransomware: Understanding Ransomware and Its Countermeasures.

22.

A user’s e-mail program is used to direct the user to a legitimate-looking Web site where the user is asked to provide personal information about himself or herself such as passwords and account numbers. Learn more in: E-Technology Challenges to Information Privacy

23.

An activity based upon social engineering, where perpetuators or phishers attempt to exploit the trustworthiness of individuals to reveal personal information, such as user name, passwords, credit card numbers, banking information, and so forth. Communications are attempted by several means - e-mail, phone, letters - but most often carried out by e-mail due to the ease and relative ease in which phishers can obtain mailing lists with thousands of e-mail addresses. Phishing techniques are varied and often very business looking stating that your financial institution needs you to update your records immediately or your account will be locked. Phishers do not really know your banking institution, but after they send out 10,000 e-mails, the chances are good that some of those e-mail addresses actually conduct business with the named institution in the e-mail. It is the unsuspected individual who does not identify this as such, and instead of calling his or her financial institution, offers their valuable information, often at a Web site that looks identical to their main institution. Learn more in: Understanding Computer Security

24.

Fraudulent representation of an organization as sender. Learn more in: Information Security Management

25.

Phishing is a form of Web based identity theft where attackers employ deceit and social engineering to defraud users of their private and confidential information such as password, credit card number, social security number (SSN), and bank account number. Learn more in: A Multistage Framework to Defend Against Phishing Attacks

26.

The use of social engineering in e-mails for the purpose of deceiving the recipient into either compromising sensitive information or following a set of instructions that leads to a security breach. Learn more in: Designing Antiphishing Education

27.

A cybercrime in which someone is contacted by email or phone by someone who disguises as a trustworthy entity and tries to gain their confidence in an attempt to obtain sensitive information from them such as usernames, passwords and credit card details in order to defraud them. Learn more in: “Attention Beneficiary…!”: Assessing Types and Features of Scam Emails

Find more terms and definitions using our Dictionary Search.

Phishing appears in: