Phishing is the use of digital communications to trick people into revealing sensitive data or deploying malicious software.
Some of the most common types of phishing attacks today include:
Business Email Compromise (BEC): A threat actor sends an email message that seems to be from a known source to make a seemingly legitimate request for information, in order to obtain a financial advantage.
Spear phishing: A malicious email attack that targets a specific user or group of users. The email seems to originate from a trusted source.
Whaling: A form of spear phishing. Threat actors target company executives to gain access to sensitive data.
Vishing: The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source.
Smishing: The use of text messages to trick users, in order to obtain sensitive information or to impersonate a known source.