What is Phishing?

July 3, 2017

Envelopes to represent email, with a fishing hook to represent phishing.

Photo Courtesy of Sophos

Phishing is the term for a cybercriminal sending you an electronic message designed to trick you into doing something insecure.

The “fishing” metaphor refers to the idea of getting you on the hook and then reeling you in.

The crooks behind this sort of crime, who are known colloquially as phishers, usually use email, because it is surprisingly easy to mock up messages to look realistic.

But phishing attacks may also arrive via social media, SMS or other instant messaging platforms.

Here are some examples of the sort of treachery used by phishers:

  • You receive an invoice detailing a modest purchase from a well-known online site, complete with ripped-off logos and text copied from a genuine invoice. At the bottom is a legitimate-looking link or button to [Contest this charge] or [Query this purchase]. You know you didn’t make the purchase, so your inclination is to click through and log in. But if you do, you end up on an imposter login page, and your password ends up in the hands of the crooks.

To read more, visit Sophos What Is... Phishing