Phishing

Phishing is a cyberattack technique where attackers send fraudulent communications, typically emails, that appear to come from trusted sources in order to steal sensitive data, such as credentials or financial information, or to deliver malware.

Phishing is one of the most prevalent and effective cyberattack methods, responsible for a significant portion of data breaches worldwide. In a phishing attack, the attacker impersonates a legitimate entity, such as a bank, technology company, colleague, or government agency, to deceive the recipient into taking a harmful action. This action might include clicking a malicious link, downloading an infected attachment, entering credentials on a fake login page, or providing sensitive information directly.

Phishing has evolved into several specialized variants. Spear phishing targets specific individuals or organizations with highly personalized messages based on researched information. Whaling is spear phishing aimed at senior executives and high-value targets. Clone phishing duplicates a legitimate email the recipient previously received but replaces links or attachments with malicious versions. Pharming redirects users from legitimate websites to fraudulent ones by poisoning DNS records or modifying local host files.

Modern phishing attacks have become increasingly sophisticated. Attackers use legitimate cloud services to host phishing pages, employ HTTPS certificates to appear trustworthy, leverage URL shorteners to obscure malicious destinations, and create pixel-perfect replicas of legitimate login portals. Some attacks use adversary-in-the-middle techniques to intercept multi-factor authentication tokens in real time, defeating a control that was once considered highly effective against phishing.

Organizations combat phishing through a combination of technical controls and human training. Email security gateways filter suspicious messages. DMARC, DKIM, and SPF email authentication protocols help prevent email spoofing. Web proxies and DNS filtering block access to known phishing sites. Security awareness training and regular phishing simulations help employees recognize and report phishing attempts. Multi-factor authentication reduces the impact of compromised credentials, though organizations should be aware of emerging bypass techniques.
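To make the email authentication controls above concrete, here is an added example (not part of the original page) that evaluates the SPF, DKIM and DMARC results a receiving mail server records in the `Authentication-Results` header and checks whether a passing result is aligned with the visible From domain. The sample messages, domains and function names are constructed for illustration, and the organizational-domain logic is a simplification.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not real traffic); every domain is a placeholder.
SPOOFED = """\
Authentication-Results: mx.example.org;
 spf=pass smtp.mailfrom=bounce.mailer.example.net;
 dkim=pass header.d=mailer.example.net;
 dmarc=fail header.from=example.com
From: "Example Bank Support" <support@example.com>
Reply-To: helpdesk@example.net
Subject: Action required
"""
# Same message as if it were sent through the From domain's own infrastructure.
LEGIT = SPOOFED.replace("example.net", "example.com").replace("dmarc=fail", "dmarc=pass")

def org_domain(domain):
    # Simplification: last two labels. Real DMARC uses the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def parse_auth_results(value):
    """Map method -> (result, {property: value}) from an Authentication-Results value."""
    out = {}
    for clause in value.split(";")[1:]:  # element 0 is the authserv-id
        m = re.match(r"\s*(\w+)=(\w+)(.*)", clause)
        if m:
            props = dict(re.findall(r"([\w.]+)=([^\s;]+)", m.group(3)))
            out[m.group(1).lower()] = (m.group(2).lower(), props)
    return out

def assess(raw):
    """Return findings; only meaningful if the header was added by your own MTA."""
    msg = message_from_string(raw)
    from_dom = org_domain(parseaddr(msg.get("From", ""))[1].rpartition("@")[2])
    auth = parse_auth_results(" ".join(msg.get("Authentication-Results", "").split()))
    spf, spf_p = auth.get("spf", ("none", {}))
    dkim, dkim_p = auth.get("dkim", ("none", {}))
    spf_dom = spf_p.get("smtp.mailfrom", "").rpartition("@")[2]
    aligned = (spf == "pass" and org_domain(spf_dom) == from_dom) or (
        dkim == "pass" and org_domain(dkim_p.get("header.d", "")) == from_dom)
    findings = []
    if not aligned:
        findings.append("no aligned SPF or DKIM pass for the From domain")
    if auth.get("dmarc", ("none", {}))[0] != "pass":
        findings.append("DMARC did not pass")
    reply_dom = parseaddr(msg.get("Reply-To", ""))[1].rpartition("@")[2]
    if reply_dom and org_domain(reply_dom) != from_dom:
        findings.append("Reply-To domain differs from the From domain")
    return findings
```

In the constructed spoofed message both SPF and DKIM report `pass`, but for a different domain than the one shown in From, which is why neither result alone indicates a legitimate sender.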
