Copyright

What is Phishing? - Definition, Examples & Awareness

Instructor: Brittany McKenna

Brittany is a licensed attorney who specializes in criminal law, legal writing, and appellate practice and procedure.

Phishing is the practice of attempting to acquire sensitive information from individuals over the internet, by means of deception. This lesson discusses different types of phishing schemes, as well as the social, legal, and technological responses to these growing threats.

Definition

If you have an email account, you've probably received an email from someone you didn't know. At best, it was simply misdirected. At worst, you may have been the victim of phishing, which is the attempt to deceptively obtain personal and secured information over the internet, for the purpose of exploitation and financial gain.

Information typically targeted by phishing schemes includes passwords, user-names, bank account information, and social security numbers. The term 'phishing' is a play on 'fishing'-- hackers use various forms of 'bait' in order to catch a victim.

Types of Phishing

The objective of phishing schemes is to entice the victims to disclose sensitive information over the internet. This is achieved in a variety of ways.

The most general form of phishing involves an email or instant message that appears to come from a legitimate source, like a bank or a credit card company. The communication requests that the recipient provide information such as bank account numbers or passwords to internet accounts. An email may encourage the victim to fill out a form with their bank login information for 'security purposes.'

This form of phishing achieves success by appearing to come from a trustworthy entity or person. For example, the phishing email may come from a real email address, or may bear the insignia or logo of a real banking institution, in order to deceive the user into believing that the sender has a legitimate reason for requesting the sensitive information. This particular scheme is known as email spoofing. As you will see, email spoofing features prominently in most phishing schemes.

Many times, a hacker may already have access to some information about a victim that can be used to enhance the probability of success. In this scenario, the victim's name and address may appear in the communication, lending credence to the notion that the communication has been made for a legitimate purpose. Spear phishing, as it is known, is a targeted form of email spoofing, and is the most popular phishing tactic in use today.

Another common form involves the use of fake websites and web-addresses (known as URLs). In this type of scheme, the victim is directed to a website through a link embedded in the initial email. For example, the URL may read something like www.realbank.com/account. While the URL in the email may appear genuine, it will redirect the unknowing victim to a fake website used to collect private information. This tactic is known as website spoofing, and is often used in concert with spear-phishing campaigns.

Anti-Phishing Measures

Anti-phishing measures have been created to combat the recent increase in attacks. Some focus on the technological deception involved with phishing schemes, through the development and implementation of anti-phishing software. This approach has become an essential component of the digital security infrastructure of countless large corporations.

Login and registration protocols on banking and commerce websites have also evolved to protect users from phishing. New password measures, such as requiring the user to answer specific preset questions, or selecting a unique picture for the login credentials, provide an extra layer of digital security.

To unlock this lesson you must be a Study.com Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use Study.com

Become a Study.com member and start learning now.
Become a Member  Back
What teachers are saying about Study.com
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? Study.com has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create An Account
Support