What is Phishing? - MetaTutorials


The Tutor is Yours!

What is Phishing?

In this article, you will learn about what is phishing and how many types of phishing. Here, we will also describe how to identify phishing Emails and what are the prevention steps help to protect yourself from phishing attacks. 
What is Phishing

What is Phishing?

Phishing is a common type of Internet cyber-crime and nowadays, it is popular among cyber criminals. In this technique, a hacker or attacker steal the user’s sensitive information such as credit/debit card details and important passwords via the electronic mail, telephone, or text message. 

In simple words, we can say that, it is a method to obtain confidential information using fake or spam mails and websites. Sometimes, phishing can be done by installing the malicious software into the target systems.

As the internet is growing day by day, the phishing is becoming very common. 
The information comes under the confidential or personal identifiable information are as follows:
1. Name of a Person,
2. The email userID,
3. The password,
4. The mobile or phone number,
5. The address of a person,
6. The bank account number,
7. The number and validation code of debit card and credit card, and
8. The Date of Birth (DOB).

This technique is same as the fishing. In fishing, fishermen uses a bait to catch a fish for food, while in phishing, attackers or hackers steal the confidential information of peoples via fake offers.

Types of Phishing

Phishing is categorized into following various categories:
1. Email Phishing
2. Spear Phishing
3. Malware Phishing
4. Voice Phishing
5. Whaling
6. Smishing
7. HTTPS Phishing
8. Angler Phishing
9. Pharming
10. Pop-up Phishing
11. Clone Phishing
12. Evil Twin Phishing

Let’s discuss about the common phishing techniques in brief.

Spear Phishing

Spear Phishing is that phishing technique which allow the attacker to send the malicious emails to the specific individual or group within the organization for obtaining the login credentials.
In this type of cyber crime, hacker collects the name, job title, and mobile number of the individual using social media or organization’s website before attacking. 

Email Phishing

This type of phishing is common where attackers steal confidential data or information by sending the mails. 
In this technique, the hackers create fake domains which looks like a genuine organization’s name. After then, hackers sends a genuine request to users through mails. The mails contain fraud links that lead to malicious websites for collecting the personal information. 


This type of phishing technique is also known as CEO fraud. In this technique, fraudsters specifically target the CEO, high-level and senior executives of the organization. 
Whaling is a type of phishing where hackers first collect the name of CEO or high-level management executives and then send the mail using the same email address.
The fraud emails contains links which may require to transfer money or to enter the critical data.


This type of phishing can be done by sending the text messages or SMS. This technique allows hackers to communicate with telephones instead of emails. The malicious links in the text message install the malware on the user’s device.

Angler Phishing

Nowadays, social media is also becoming common in phishing attacks. In this technique, hackers or fraudsters steal the information using the fraud posts and instant messages on social media.

Clone Phishing

This is also an another technique of phishing attack where hackers added the malicious link and attachments to the original email template and send them to their targets. The mails seems like that they are sent by an authorized sender.

Evil Twin Phishing

In this phishing technique, fraudsters or attackers set up a fraud Wi-Fi network for collecting the sensitive information of those users who will connect to their network.
If you will connect to any hotspot and the hotspot triggers an unsecure warning then it means that this hotspot contains malicious data which harmful to you.   

How to identify a Phishing Email?

As we know, phishing is done by email but there are several clues which help us to identify phishing messages. Some of them are mentioned below:
    • The content of phishing Emai is suspicious and contains fraud links. 
    • The phishing emails contain spelling mistakes and poor grammar. It is the best way to spot a fraudulent message. 
    • Phishing Emails always ask for sensitive information. Authorized organizations or banks never ask for information and password.  
    • Always check the greetings. If the message consists of words like “valued customer” or “Sir/Madam”, then be careful. Because the authorized or legitimate banks or organizations always use your documental first and last name.    

How to Prevent Phishing Attacks?

The following prevention points help you to protect yourself from phishing attacks. If you follow these points then you can protect yourself from fraud activities:
    • The most essential point is that always cross-check the sender who asks for personal information in the Email. If you want to protect yourself from phishing emails, the initial step is to check the sender's address. 
    • Always enter the address of the link in the address bar instead of clicking on the link. 
    • You can protect yourself by using trusted security tools, software, and antivirus software. 
    • The important point is that never share your personal details with anyone over E-mails, calls, or private messages. 
    • You must change the passwords of your online accounts regularly to maintain data security. And, always use hard passwords instead of a few characters.  
    • Never forward unknown mails. 
    • Always use spam filters to protect against fraudulent mail.
    • Make sure that you update your browser and desktop regularly.
    • Always use the firewalls in your systems. Because firewalls act as the shield between the computer and an attacker which enhance security and minimize the chances of the phishing attack.