Skip To Main Content

Find It Fast

What is Phishing?

Phishing is a type of cyber attack where someone pretends to be a legitimate or trusted individual or entity to trick you into sharing sensitive information. This often occurs through emails, text messages, websites, or phone calls. The goal of a phishing attack is to gather confidential information, which may include:

  • Your username and password, which can lead to unauthorized access to personal or professional accounts.

  • Sensitive information, such as personal details about yourself, colleagues, or your organization. This may include internal documents, client information, or proprietary data.

  • Financial information, including bank account details, credit card numbers, or requests to make purchases, such as gift cards or wire transfers.

To view real Phishing examples, please visit the PhishBowlhttps://www.fresnounified.org/departments/it/cybersecurity/phishbowl

Phishing is the #1 cause of data breaches, identity theft, and financial loss for individuals and organizations alike. These attacks can result in stolen identities, compromised accounts, and significant financial damage.

To understand phishing in greater detail, it’s important to recognize that it is a form of social engineering. Social engineering is a manipulation technique where attackers exploit human psychology rather than technical vulnerabilities. These attacks prey on emotions like curiosity, fear, urgency, or trust. Examples include:

  • Spear Phishing: A targeted form of phishing, where the attacker customizes the message to a specific individual or organization. They often gather personal information beforehand to make the attack more convincing.

  • Whaling: A specific type of spear phishing that targets high-profile individuals within an organization, such as executives or senior management, to gain access to valuable data.

  • Business Email Compromise (BEC): In this sophisticated form of phishing, attackers pose as a company executive or trusted partner to request payments, sensitive data, or other critical information.

Preventing phishing requires awareness and vigilance. Always verify unexpected or suspicious requests, use multi-factor authentication, and ensure that you are accessing websites directly rather than through embedded links in emails or messages. Educating yourself and others is crucial because the best defense against phishing is informed and cautious behavior.

Report phishing to: phishing@fresnounified.org