by in
Source: https://www.cshub.com/attacks/articles/what-is-phishing
Bulletpoints Summary:
– Phishing is a social engineering tactic used to gain access to personal or confidential information by posing as a legitimate company.
– Common motives for launching phishing attacks are to harvest login credentials, personal data or payment information, sell it on the dark web, or use it for other purposes such as identity theft.
– Phishing attacks may be conducted via email, text messages, or social media messages.
– In 2022, APWG recorded a total of 3,394,662 phishing attacks and 75% of respondents in the CS Hub Mid-Year Market Report cited social engineering and phishing attacks as the top threat to cyber security.
– Spear phishing attacks may target individuals or companies, with the aim of harvesting large amounts of customer data or gaining access to internal systems.
– In August 2022, Twilio was targeted by a phishing attack which led to the compromise of 163 companies, with some users directly targeted.
– In October 2022, cloud storage company Dropbox had its source code stolen by hackers after its employees were targeted by a phishing attack.
– In September 2022, a malicious actor posed as CircleCI to gain access to various user accounts on GitHub.
– In October 2022, a hacker known as Monkey Drainer used phishing attacks to steal $1mn worth of Ethereum and NFTs in just 24 hours.
– Advances in artificial intelligence (AI) are making phishing scams ever more
