by in
Source: https://www.cshub.com/attacks/articles/what-is-phishing
• Phishing is a social engineering tactic that sees hackers attempt to gain access to personal or confidential information by posing as a legitimate company
• Malicious actors typically use email, text messages and social media messages to target individuals and organizations
• Phishing attacks soared in 2022, with the APWG recording 3,394,662 attacks in the first three quarters
• Malicious actors may use phishing to harvest login credentials, personal data or payment information, extort companies using the threat of a data leak, or use stolen data for identity theft or corporate espionage purposes
• Phishing attacks that target companies and their employees may use email or ‘spear phishing’, where hackers have already gathered information about their targets
• Cyber attacks like these can damage a company’s reputation, erode customer trust and lead to financial losses
• Malicious actors may also use spear phishing attacks to harvest data relating to the company itself
• Advances in AI are removing red flags and making phishing scams ever more sophisticated
• Companies should use a layered security approach to prevent damage if and when attackers compromise credentials
• When considering phishing attacks that target individuals, the CCCS provides advice on how to protect yourself
