Key Takeaways
- Phishing is when criminals impersonate banks or brands to steal your login.
- They use Urgency ("Account Suspended!") to make you panic.
- Always hover over links to see the real URL before clicking.
- Spear Phishing is a targeted version tailored just for you.
You get an email: "Your Netflix payment failed." You click, login, and... your account is stolen. That is Phishing.
What is Phishing?
Phishing is a social engineering attack where a criminal poses as a trusted entity (Bank, Google, Boss) to trick you into revealing sensitive information like passwords or credit card numbers.
Red Flags
- Urgency: "Act now or your account will be deleted!" Scammers want you to panic and not think.
- The Domain: Check the URL carefully. Is it `netflix.com` or `netflix-support-verify.com`?
- Generic Greetings: "Dear Customer" instead of your name.
- Suspicious Attachments: Invoices for things you didn't buy (`invoice.pdf.exe`).
Spear Phishing
This is a targeted version where the attacker researches YOU specifically. They might mention your job title, your recent projects, or your boss's name to make the email seem real.
Frequently Asked Questions (FAQ)
I clicked a link but didn't type anything. Am I safe?
Probably, but not 100%. Some sites use "Drive-by downloads" to infect you just by visiting. Run a virus scan just to be safe.
What is "Smishing"?
It is Phishing via SMS text messages ("USPS: We cannot deliver your package, click here"). The rules are the same: don't click unknown links.
Is a website safe?
Check Domain Info