8 Types of Phishing Attacks and How to Identify Them

1. Email phishing

Also called “deception phishing,” email phishing is one of the most well-known attack types. Malicious actors send emails to users impersonating a known brand, leverage tactics to create a heightened sense of immediacy and then lead people to click on a link or download an asset.

The links traditionally go to malicious websites that either steal credentials or install malicious code, known as malware, on a user’s device. The downloads, usually PDFs, have malicious content stored in them that installs the malware once the user opens the document.

How to identify email phishing:

Most people recognize some of the primary indicators of a phishing email. However, for a quick refresher, some traditional things to look for when trying to mitigate risk include:

2. HTTPS phishing

The hypertext transfer protocol secure (HTTPS) is often considered a “safe” link to click because it uses encryption to increase security. Most legitimate organizations now use HTTPS instead of HTTP because it establishes legitimacy. However, cybercriminals are now leveraging HTTPS in the links that they put into phishing emails.

How to identify HTTPS phishing

While often part of an email phishing attack, this is a slightly nuanced approach. When trying to decide if a link is legitimate or not, consider:

3. Spear phishing

Although uses email, it takes a more targeted approach. Cybercriminals start by using open source intelligence (OSINT) to gather information from published or publicly available sources like social media or a company’s website. Then, they target specific individuals within the organization using real names, job functions, or work telephone numbers to make the recipient think the email is from someone else inside the organization. Ultimately, because the recipient believes this is an internal request, the person takes the action mentioned in the email.

How to identify spear phishing:

4. Whaling/CEO fraud

Another type of corporate phishing that leverages OSINT is whale phishing, also called whaling or CEO fraud. Malicious actors use social media or the corporate website to find the name of the organization’s CEO or another senior leadership member. They then impersonate that person using a similar email address. The email might ask for a money transfer or request that the recipient review a document.

How to identify CEO fraud:

5. Vishing

Voice phishing, or “vishing,” happens when a cybercriminal calls a phone number and creates a heightened sense of urgency that makes a person take an action against their best interests. These calls normally occur around stressful times. For example, many people receive fake phone calls from people purporting to be the Internal Revenue Service (IRS) during tax season, indicating that they want to do an audit and need a social security number. Because the call creates a sense of panic and urgency, the recipient can be tricked into giving away personal information.

How to identify vishing:

6. Smishing

Malicious actors often apply similar tactics to different types of technologies. Smishing is sending texts that request a person take an action. These are the next evolution of vishing. Often, the text will include a link that, when clicked, installs malware on the user’s device.

How to identify smishing:

7. Angler phishing

As malicious actors move between attack vectors, social media has become another popular location for phishing attacks. Similar to both vishing and smishing, angler phishing is when a cybercriminal uses notifications or direct messaging features in a social media application to entice someone into taking action.

How to identify angler phishing:

8. Pharming

Pharming is more technical and often more difficult to detect. The malicious actors hijack a Domain Name Server (DNS), the server that translates URLs from natural language into IP addresses. Then, when a user types in the website address, the DNS server redirects the user to a malicious website’s IP address that might look real.

How to identify pharming: