Attack Anatomy – What Is Phishing?

Phishing is the process of attempting to acquire sensitive personal information such as account details e.g. usernames, passwords and credit card details by masquerading as a trustworthy source using emails which evade your organization’s spam filters.

Emails claiming to be from your colleagues, social media sites, Microsoft etc. are commonly used to trick you into thinking the sender can be trusted. In most cases there is always an urgent call to action such as “Your account is about to expire and your data will be permanently deleted, click here to resolve” which diverts your attention away from checking it is a valid email.