Types of Phishing Attacks
Explore the different types of phishing attacks, such as credential theft, cross-site request forgery, social engineering, and malware delivery. Understand how attackers exploit human trust and technical vulnerabilities to compromise accounts, and gain insight into the risks each method presents.
We'll cover the following...
Phishers don’t need to trick everyone they email in order to be successful. They generally cast a wide net and count on someone to have an off day and go along with the attack. Duo’s The Trouble With Phishing states that 17% of people who receive phishing emails enter their credentials into phishing sites. Put another way, on average, a phisher with just six email addresses can expect to trick one of the account owners into revealing their login credentials.
It’s just an email. What’s the worst that could happen? Let’s take a look at the most common types of phishing attacks.
Phished credentials
By far, the most common phishing attack is to steal login credentials. Generally, this is done by setting up a malicious website that looks the same as the login screen for Gmail, Outlook 365, Dropbox, or another popular website.
The phisher then sends a phishing email to the intended victim. The phishing email will contain a link to the malicious ...