Phishing
A social engineering attack that tricks users into revealing sensitive information through deceptive communications.
Also: spear phishing · whaling
Definition
Phishing is a type of social engineering attack in which cybercriminals impersonate trusted entities (banks, tech companies, colleagues) through deceptive emails, text messages, or websites to trick victims into revealing sensitive information such as passwords, credit card numbers, or Social Security numbers. Spear phishing targets specific individuals, while whaling targets executives. Phishing remains one of the most common and effective cyberattack vectors, responsible for a large percentage of data breaches.
Example
“An employee receives an email appearing to be from IT support asking them to click a link and reset their password — entering credentials on the fake site steals their login.”
Synonyms
- social engineering attack
- credential theft
- email scam
- deception attack
Antonyms / Opposites
- security awareness
- legitimate communication
Images
CC-licensed · free to useVideo
Related Terms
- social-engineering
- malware
- spear-phishing
- two-factor-authentication