Back to course

Phishing and Vishing Explained

Cyber Security Mastery: From Zero to Hero

Email and Voice Scams

1. Phishing (Email/Web)

Phishing is a method of trying to gather personal information using deceptive emails or websites that look like they belong to a legitimate organization (like a bank or streaming service).

  • Spear Phishing: Highly targeted phishing attack aimed at a specific individual or organization.
  • Whaling: Phishing attack specifically targeting high-profile individuals (CEOs, executives).

2. Vishing (Voice Phishing)

Vishing involves the use of voice communication (telephone calls, VoIP) to trick people into providing sensitive information.

  • Example: Receiving an automated call claiming your bank account has been compromised and asking you to press '1' to speak to a representative and verify your PIN.

How to Defend Against Phishing

  1. Always check the sender's email address for slight misspellings.
  2. Hover over links before clicking to see the true destination URL.
  3. Never provide sensitive information (passwords, SSNs) via email or unsolicited phone calls.