There are 4 main types of phishing scams. You have the classic phishing scheme, or the more targeted approach in order to get you give up information. It is all geared to steal your personal information and get your money and in some cases, your identity. They like to target people who “most likely” have a PayPal account, Google account, Microsoft Account, various banks and anything else they think you may have.
Different Types of Phishing
Phishing can be very targeted. It could be for just one person and it is very easy to be fooled. The back actors do a lot of research and some up with some sort of email to fool you. Statistics show that 91% of security breaches begin with a phishing scheme of some kind.
Spear phishing targets a specific group or type of individual such as a company’s system administrators, They are looking for a way to get into your system with admin privileges. If you are going fishing with a pole, you could pull in an old boot, a tuna, or a flounder – any kind of fish. If you are going fishing with a spear, you are picking a specific fish to go after. Hence the name.
Whaling is going after the BIG fish. You can easily get the Admin or CEO information off of the company website. They like to look at the employees if they are listed, and the CEO, and send an email from one of the employees to the CEO. In that email, they are asking them for specific information or to send the ID number on gift cards.
Smishing is another type of attack that uses text messaging or short message service (SMS) to get your attention. The message that comes into your cell phone through SMS will contain a link to click or a phone number to call could result in a smishing attack.
A scenario that has played out many times is an SMS that looks like it is coming from your bank. It tells you your account has been compromised and you need to respond immediately. The attacker asks you to verify your bank account number, SSN, etc. Just like that the attacker has control of your bank account.