What is phishing ?
Phishing is an email or link that contains a malicious url that simulates a real trusted website, person or an entity with the purpose of stealing data or authentication or loading a malware into your system, for example it can take different forms and types, like a message from what seems like facebook asking you to enter your password and as soon as you do it will send it to an attacker.
There are many types of phishing attacks specially on social media and other social platforms, those phishing links can target different websites like news sites or organizations like banks to steal it’s data or harm it’s integrity or reputation, some attacks could be sent to thousands of users or be tailored to a specific person.
Deceptive Phishing
it’s the most common type, impersonating a trusted company or website to trick the users into giving up their data this would target many users at once.
Spear Phishing
This is a personalized form of phishing, designed to lure the target into clicking on a malicious url or opening a malware attachment which when opened can compromise passwords or infiltrate the system. would usually include threats of account termination designed to coerce the user into giving out data.
CEO Fraud
A type of attack impersonating an authority figure to request data or payments from other employee within the company.
Pharming
This is not done like a traditional phishing scam but using DNS cache poisoning to change the numerical number of a website to fool your browser into visiting a malicious website to install malware into your computer.
Dropbox Phishing
Designed to offer the target a fake dropbox login page , possibly hosted on dropbox itself to generate credibility.
and will likely steal the account.
How to secure yourself from those kinds of attacks
First make sure that all the details,senders,urls on the email matches the legitimate source.
Second Don’t put much details about yourself on social media sites and the internet at large. this would prevent attackers from targeting you and using your data.
Third Make sure you do a credibility search on google, if it’s a fraudulent website google will tell you so.
Fourth make sure that your security software is running and up-to-date.