Attacks & Threats
Phishing
Also known as: Email phishing, Mass phishing
Definition
A social-engineering attack in which an attacker impersonates a trusted party to trick a victim into revealing credentials, transferring money, or running malware.
Examples
- A fake "Microsoft 365 password reset" email that links to a credential-harvesting site.
- An invoice attachment that installs a banking trojan when opened.
Related terms
Spear Phishing
A targeted phishing attack tailored to a specific individual or organization using personal or professional details collected in advance.
Whaling
A spear-phishing attack aimed at senior executives or other high-value targets, typically seeking large fraudulent payments or access to strategic information.
Smishing
Phishing delivered via SMS or other mobile-messaging channels to trick victims into clicking malicious links, calling fraudulent numbers, or revealing data.
Vishing
Phishing conducted over voice channels — phone calls or VoIP — to manipulate victims into revealing credentials, payments, or remote access.
Business Email Compromise
A targeted fraud in which an attacker impersonates or takes over a corporate mailbox to trick an employee into wiring money, changing payment details, or sending sensitive data.
Social Engineering
The psychological manipulation of people into performing actions or disclosing confidential information that benefits an attacker.