11:[["$","$La3",null,{"props":{"lessonContent":{"components":[{"type":"MarkdownEditor","mode":"edit","content":{"version":"2.0","text":"$a4","mdHtml":"

What is phishing?

Phishing is the first attack we’ve covered that attacks the user instead of the software. In a phishing attack, the attacker sends an email to the victim and tricks the victim into doing something the ...

","cursorPosition":{"line":0,"ch":0},"comp_id":"18f0596b-55d3-4b47-aca2-5f0993025aea"},"hash":0,"iteration":0,"children":[{"text":""}],"status":"normal"}],"summary":{"titleUpdated":true,"description":"Explore the fundamentals of phishing as an attack aimed at users rather than software. Understand how attackers use phishing emails to steal credentials, bypassing technical defenses. This lesson prepares you to recognize phishing threats and sets the foundation for learning different phishing types and defense strategies.","title":"Introduction"},"enable_collapsible_headings":false,"content":[{"type":"MarkdownEditor","mode":"edit","content":{"version":"2.0","text":"$a5","mdHtml":"

What is phishing?

Phishing is the first attack we’ve covered that attacks the user instead of the software. In a phishing attack, the attacker sends an email to the victim and tricks the victim ...

","cursorPosition":{"line":0,"ch":0},"comp_id":"18f0596b-55d3-4b47-aca2-5f0993025aea"},"hash":0,"iteration":0,"children":[{"text":""}],"status":"normal"}]},"isPreviewLesson":false,"pageType":"collection_lesson","aiCoachVideoUrl":"https://youtu.be/kgl8y9J3O6c","collectionDetailsSSR":{"title":"Practical Security: Simple Practices for Defending Your Systems","summary":"It seems like hardly a week goes by without a high-profile computer breach. Why do these happen? How can you prevent them? This course doesn’t have all the answers, but it does outline practices that make life harder for attackers and that will help tide you over until you get a full-time security team in place.\n\nIn this course, you will learn 5 simple, yet effective, techniques for preventing attackers from getting into your system. These techniques are related to: patching, software vulnerabilities, cryptography, windows security, and phishing. Within each chapter you will learn the best practices for preventing vulnerabilities and how to make them more detectable. \n\nThis course is based on the Pragmatic Programmers’ book, Practical Security, and is aimed at developers, admins, team leads, architects, technology generalists, and all others who stand guard against the things that disrupt the network.","details":"","clos":["Implement rapid patching workflows with testing and phased rollouts to reduce exploit windows","Build and maintain third-party library inventories, including direct and transitive dependencies","Automate dependency vulnerability detection in builds using tools like Dependency-Check, Xray, and GitLab scans","Scan networks with Nmap and OpenVAS to inventory hosts, services, and exposed software versions","Apply layered defenses against SQL injection, XSS, and XSRF using safe query patterns and encoding/tokens","Select and use trusted crypto and password hashing (bcrypt/scrypt/Argon2/PBKDF2) and configure TLS securely","Deploy Windows and email defenses: WSUS, password policies/BitLocker, SPF/DKIM/DMARC, and 2FA against phishing"],"key_outcomes":[],"arabic_available":false,"page_tags":{"4621780376354816":"","6116734609129472":"","5678360450564096":"","6613410197274624":"","5753199987261440":"","4797090539503616":"","4989857999880192":"","6492289636499456":"","4659508577042432":"","5229524422754304":"","6083952398827520":"","6275129194577920":"","6467868452454400":"","6442000736845824":"","5500484178673664":"","6186521586565120":"","6419780119560192":"","6622128729227264":"","5248131261267968":"","4729665928298496":"","5274130610913280":"","4666981149048832":"","6050532050337792":"","5855353435586560":"","5650352364847104":"","6280758017654784":"","4539627718311936":"","6029155259908096":"","6003537524817920":"","5235973853020160":"","4844747429511168":"","6092704468434944":"","6400358076121088":"","5534070755819520":"","5516949623668736":"","5817676522848256":"","5412125427105792":"","5604204300206080":"","5477685032648704":"","6493595658878976":"","6275812144709632":"","5006560725041152":"","4598068868546560":"","5970779943469056":"","6380626476269568":"","4700031660589056":"","4788279078551552":"","6165522015059968":"","5435304224751616":"","6365725540220928":"","5596177190879232":"","5238637890371584":"","5211296581550080":"","6639479860232192":"","5080094054809600":"","6744032299450368":"","6170492365963264":"","5985456584916992":"","5822584512839680":"","5579751356891136":"","5671822033944576":"","6025460329742336":"","4736900129619968":"","5013091759685632":"","5318997785444352":""},"collection_toc_is_enabled":true,"page_count":null,"docker":{"container":{"buildLogUrl":"https://www.educative.io/api/author/10370001/collection/5903468494585856/containers/6670810656800768/build/log","buildStatusUrl":"https://www.educative.io/api/author/10370001/collection/5903468494585856/containers/6670810656800768/build/status","tarballDownloadUrl":"https://www.educative.io/api/author/10370001/collection/5903468494585856/containers/6670810656800768/download","id":-1,"imageName":"author-10370001-collection-5903468494585856-rev-11-container-6670810656800768-docker","file":{"name":"docker.tar.gz","size":5938},"rebuildImageUrl":"https://www.educative.io/api/author/10370001/collection/5903468494585856/containers/6670810656800768/rebuild","buildStatus":"SUCCESS","metadata":{"sizeInBytes":5938},"track":false},"envs":[],"jobs":[{"runInLiveContainer":false,"name":"network-commands","startScript":"","inputFileName":"main.sh","key":"b3ec9adc-43c4-40ab-8c1f-f4cb26b525bc","runScript":"sh main.sh","buildScript":"","ports":""},{"runInLiveContainer":false,"name":"pip","startScript":"","inputFileName":"main.py","key":"5ebbba31-ac53-4fd9-9c0e-0647278a2580","runScript":"python3 main.py","buildScript":"","ports":""},{"runInLiveContainer":true,"name":"node","startScript":"npm start --prefix /usr/src/app","inputFileName":"foo","key":"78643afe-b0ce-43ed-83b9-c774b81800c5","runScript":"cp /usercode/* /usr/src/app","buildScript":"","ports":"7888"}],"testRunners":[],"version":3,"loaded":true},"discounted_price":39,"cover_image_id":4771204683530240,"cover_image_metadata":"\"{\\\"width\\\":1024,\\\"height\\\":512,\\\"sizeInBytes\\\":21273,\\\"name\\\":\\\"Cover.png\\\"}\"","cover_image_serving_url":"/v2api/collection/10370001/5903468494585856/image/4771204683530240","tags":["Security","Phishing","XSS","SQL Injection","XSRF"],"intro_video_url":"","intro_video_thumbnail_url":"","aggregated_widget_stats":{"MxGraphWidget":7,"Code":12,"RunJS":0,"codeSnippetCount":54,"illustrations":13,"MarkdownEditor":147,"TabbedCode":13,"codeRunnableCount":20,"Quiz":40,"WebpackBin":1,"codeExerciseCount":0,"projects":0,"assessments":0,"cloudlabs":0},"default_themes":{"code_themes":{"Code":"default","Markdown":"default","RunJS":"default","SPA":"default","isForced":{"Code":false,"Markdown":false,"RunJS":false,"SPA":false}}},"api_keys":{"api_keys":[]},"skills":[],"testimonials":[],"licensing":null,"target_audience":"intermediate","author_id":"10370001","collection_id":"5903468494585856","approval_status":3005,"price":59,"is_private":false,"path_type":"regular","organization_id":null,"is_mini":false,"is_priced":true,"brief_summary":"Learn about security techniques, e.g., patching, cryptography, and phishing prevention. Explore practices to make systems resistant to defend against attacks.","approval_update_time":"2020-05-25T21:54:49.872Z","rating_visibility":true,"update_last_published_on_homepage":true,"show_developed_by":true,"udata_files":[],"CodeThemes":{"Code":"default","Markdown":"default","RunJS":"default","SPA":"default","isForced":{"Code":false,"Markdown":false,"RunJS":false,"SPA":false}},"is_marked_for_deletion":false,"transition_page_title":"","is_redirectable":false,"collection_type":"collection","adaptive_learning_mode":false,"HLOs_to_toc":{},"is_guide":false,"read_time":32400,"allow_logged_out_executions":false,"unique_live_widget_urls":false,"metadata_status":101,"palified_version":null},"pageSummarySSR":{"title":"Introduction","description":"Explore the fundamentals of phishing as an attack aimed at users rather than software. Understand how attackers use phishing emails to steal credentials, bypassing technical defenses. This lesson prepares you to recognize phishing threats and sets the foundation for learning different phishing types and defense strategies."},"adaptiveLearningConfigConstantSSR":0,"allowAllLessonPreview":true,"lockedBannerStatsSSR":{"b2cTrialStats":{"is_b2c_trial_active":true,"b2c_trial_active_duration":21,"b2c_trial_categories":"$a7"},"b2cStatus":100,"learnerTags":"$a8","workStats":2250,"interviewWorksStats":151,"inL2cStarterPack":false,"l2cWorkStats":46,"enableL2cStarterPackPaymentWidget":"false"},"pageTocSSR":"

What is phishing?

","authorId":"10370001","collectionId":"5903468494585856","pageId":"5274130610913280","serverConfigConstants":{"enable_notepad_prompt_ai":"true","use_redesigned_sandpack_widget":"true"},"codeFeatureFlags":{"enableCodeCodeTabRedesign":"3"},"meta":{"type":["Article","TechArticle"],"title":"Understanding Phishing Attacks and User Targeted Threats","name":"Practical Security: Simple Practices for Defending Your Systems","description":"Learn what phishing is and why attackers target users to steal credentials, bypassing system defenses like patching and cryptography.","image":"https://educative.io/api/collection/10370001/5903468494585856/image/4771204683530240.png","isAccessibleForFree":false,"keywords":"$a8","provider":"Educative","publisher":"Educative","id":"courses/practical-security-defending-your-systems/introduction-39Xv7EqwDNn","author":"Educative","educationalLevel":"intermediate","noIndex":false,"isForcedNoIndex":false,"noFollow":false,"redirectInfo":{"isDeletedCollectionPageRedirectable":false},"page_titles":{"6613410197274624":"Upgrading Third-Party Libraries and Software","6116734609129472":"Some Key Principles","5678360450564096":"TLS Configuration","4621780376354816":"Library Inventory","5753199987261440":"Introduction","4797090539503616":"Social Defense","4989857999880192":"Introduction to Cross-Site Scripting (XSS)","6492289636499456":"Extending the Defense Beyond Prepared Statements","4659508577042432":"HTML Encoding","5229524422754304":"Active Directory: What Else Is It Good For?","6083952398827520":"Additional Defenses as a Mitigation Against Future Mistakes","6275129194577920":"OpenVAS","6467868452454400":"Introduction","6442000736845824":"Dependency Management: Python","5500484178673664":"Network Inventory","6186521586565120":"Solution Review: Write a Generalized Query","6419780119560192":"Storing Passwords When You’re the Client","6622128729227264":"Nmap","5248131261267968":"Challenge: Select The Journal","4729665928298496":"Finding Published Vulnerabilities","5274130610913280":"Introduction","4666981149048832":"What’s Next?","6493595658878976":"Password Storage","5671822033944576":"How SQL Injection Works","5855353435586560":"A Closer Look at Patching","5650352364847104":"Testing Your Patches","6280758017654784":"ECB Malleability","4539627718311936":"CBC Is Still Malleable","6029155259908096":"Patching Windows","6003537524817920":"Who Is This Course For?","5235973853020160":"Automating Vulnerability Detection","4844747429511168":"Wrapping up!","6092704468434944":"Types of Phishing Attacks","6400358076121088":"Solution Review: Select The Journal","5534070755819520":"Introduction","5516949623668736":"Authentication-Based Defense","5817676522848256":"Don’t Use Low-Level Crypto Libraries","5412125427105792":"Challenge: Write a Generalized Query","5604204300206080":"More SQL Commands","5477685032648704":"DNS-Based Defense: DMARC","6050532050337792":"Jenkins & Public-Facing Servers","6275812144709632":"More Techniques for Password Storage","5006560725041152":"DNS-Based Defense SPF","4598068868546560":"Don’t Roll Your Own Crypto","5318997785444352":"Login and Mimikatz","5970779943469056":"XSRF Prevention with SameSite","6380626476269568":"Keeping Passwords Hard to Predict","4700031660589056":"DNS-Based Defense: DKIM","4788279078551552":"Default Passwords & Credentials","6165522015059968":"What’s Next?","5435304224751616":"Security When the Enemy Knows the System","6365725540220928":"Misconfiguration","5596177190879232":"Password Policy","5238637890371584":"Introduction to SQL","5211296581550080":"BitLocker","6639479860232192":"Putting It All Together for a Robust Defense","5080094054809600":"If Patching Hurts, Do It More Often","6744032299450368":"Evaluating Crypto Libraries Without Being a Crypto Expert","6170492365963264":"What’s Next?","5985456584916992":"Introduction to Cross-Site Request Forgery (XSRF)","5579751356891136":"Defenses against XSS","5822584512839680":"Dependency Management: JavaScript","6025460329742336":"Introduction","5013091759685632":"Minimizing the Cost of Credential Loss","4736900129619968":"What’s in This Course?"},"is_marked_for_deletion":false,"transition_page_title":"","is_redirectable":false,"deleted_course_lesson_redirect":{"author_id":null,"collection_id":null,"page_id":null,"redirect_url_slug":null},"metadata_status":101,"additional_course_alternatives":[],"structured_data_json":"{\"@context\":\"https://schema.org\",\"@type\":\"LearningResource\",\"name\":\"Understanding Phishing Attacks and User Targeted Threats\",\"description\":\"Learn what phishing is and why attackers target users to steal credentials, bypassing system defenses like patching and cryptography.\",\"isAccessibleForFree\":\"False\",\"hasPart\":[{\"@type\":\"WebContent\",\"isAccessibleForFree\":\"False\",\"cssSelector\":\".ed-lesson-content\"}],\"provider\":{\"@type\":\"Organization\",\"name\":\"Educative\"}}"},"requestUrl":"/courses/practical-security-defending-your-systems/introduction-39Xv7EqwDNn","requestUrlInfo":{"authorId":10370001,"collectionId":5903468494585856,"pageId":5274130610913280,"courseUrlSlug":"practical-security-defending-your-systems","pageUrlSlug":"introduction-39Xv7EqwDNn"},"isExternalContent":false}}],[["$","script",null,{"id":"generate-data","type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"$a9"}}],["$","script",null,{"id":"structured-data","type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"LearningResource\",\"name\":\"Understanding Phishing Attacks and User Targeted Threats\",\"description\":\"Learn what phishing is and why attackers target users to steal credentials, bypassing system defenses like patching and cryptography.\",\"isAccessibleForFree\":\"False\",\"hasPart\":[{\"@type\":\"WebContent\",\"isAccessibleForFree\":\"False\",\"cssSelector\":\".ed-lesson-content\"}],\"provider\":{\"@type\":\"Organization\",\"name\":\"Educative\"}}"}}],"$undefined"]]