• Tony Liu

Phishing- A form of Social Engineering

Updated: Jun 25, 2021

Protecting your network both externally and internally requires more controls than a traditional perimeter security model and must rely on trust in user identity and device health.

Social Engineering

Phishing is a form of social engineering - the act of deception, or taking advantage of a user’s trust to convince them to reveal sensitive information.

Spear Phishing

Spear phishing is a type of phishing attack that targets a specific individual or set of individuals. Attackers may do research on their targets via social media networks and publicly available information online, using the data to craft a credible message to convince victims to click, download or give away additional, non-public information.

Information Targeted in Phishing Attempts

  • Usernames and passwords that can be used to log into personal and work accounts.

  • Email addresses of colleagues or family and friends that can be used to send more convincing phishing emails.

  • Personally identifiable information like names, physical addresses, birthdates, Social Security Numbers, etc. that can be used for identity theft.

  • Confidential company information like details about mergers and acquisitions, research and development, and any other information that could be used to influence stock trading or for competitive gain.

  • Financial data a like credit card numbers, tax information or W2s that could be used to commit tax fraud and steal money.

  • Phone numbers that can be used to bypass two-factor authentication, as well as used to deliver SMS-based phishing campaigns.

  • Medical records or health insurance information like insurance policy IDs that could be used to commit healthcare insurance fraud.

#phishing_attack #phishing_website #types_of_phishing #types_of_social_engineering_attacks #how_to_protect_against_social_engineering_attacks

#how_to_prevent_social_engineering #Email_addresses #Financial_data #ways_for_an_organization_to_prevent_social_engineering #social_engineering_real_life_examples #phishing_malware #phishing_a_form_of_social_engineering #Usernames_passwords

17 views0 comments