NIS2 is coming! Get prepared and secure your company.
+43 50 977 805
hello@4conform.com
Free Trial

4conform Wiktionary

Phishing attacks

Our Wiktionary is growing into a user-friendly online dictionary specifically designed to provide comprehensive and precise definitions of terms related to ISO standardization, information security, data protection and cybersecurity.

back to Wiktionary

Phishing attacks are a form of cybercrime in which fraudsters attempt to steal sensitive information such as usernames, passwords, credit card details or other personal data from victims. Here are some important aspects of phishing attacks:

How phishing attacks work:

  • Deception:
    • Phishing attackers often pose as trustworthy organizations or individuals, such as banks, online retailers, government agencies or even colleagues.
    • They use fake emails, messages or websites that look deceptively real to convince their victims.
  • Bait:
    • The attackers use various lures to get their victims to click on malicious links or open attachments.
    • These lures may contain urgent requests, warnings, offers or other enticing messages.
  • Data theft:
    • As soon as the victim falls for the bait, their data is either stolen directly or malware is installed on their device to capture the data.

Types of phishing attacks:

  • Email phishing:
    • This is the most common form of phishing, where fake emails are used to deceive victims.
  • Spear-Phishing:
    • This is a more targeted form of phishing, where attackers use personalized messages to target specific individuals or organizations.
  • Vishing (Voice Phishing):
    • Attackers use phone calls to deceive victims and steal sensitive information.
  • Smishing (SMS phishing):
    • This method uses SMS messages to deceive victims.

How to protect yourself from phishing attacks:

    • Be skeptical:
      • Be careful with e-mails, messages or calls that arrive unexpectedly or ask for sensitive information.
    • Check the source:
      • Check the sender address of e-mails and the URLs of websites carefully.
      • If in doubt, call the organization directly to verify the authenticity of the message.

Do not click on suspicious links:

    • Do not click on links or open attachments from unknown or suspicious senders.
  • Use strong passwords:
    • Use strong, unique passwords for your accounts and change them regularly.
  • Activate two-factor authentication (2FA):
    • Activate 2FA to add an additional layer of security.
  • Keep your software up to date:
    • Update your operating systems, browsers and anti-virus software regularly to close security gaps.
  • Be aware of the risks:
    • Educate yourself and those around you regularly about the latest methods used by cyber criminals.

Phishing attacks can have serious consequences, such as identity theft, financial loss or data loss. It is therefore important to be vigilant and protect yourself against these attacks.