Learn about phishing attack methodologies.
- [Instructor] Phishing is a very easy attack vector…to use against people and companies.…The first step in any kind of computer attack…is to do reconnaissance.…Depending on the type of phishing attack planned,…attackers will use the internet and the other resources…to identify their targets and get their email addresses.…The typical motivation is to seek financial gain.…For general phishing, no particular target…will be identified, but, rather, attackers just send…the message to every email address they have.…Advanced phishing techniques will identify…a small group of specific targets.…
Phishers can purchase databases of email addresses…to use for their phishing campaign.…Many social media sites have privacy policies we agree to…that provides them with our personal information…that the company might share.…Email addresses are easy to obtain from online sources.…People often publish where they work on social media sites…and most companies use the firstname.lastname format…for their employee's email addresses,…
Phishing is successful when an email message persuades a person to take an action or reveal information which should not be disclosed. Whaling focuses on high-profile targets such as executives, politicians, and celebrities. Learn about the tactics used in phishing and whaling, and view some examples so that you can identify suspicious emails and network intrusions. Then learn how to reduce your risk and put protections in place to help mitigate these threats.
This course was created and produced by Mentor Source, Inc. We are honored to host this training in our library.
- What is phishing?
- Types of phishing, including cat phishing, spear phishing, and vishing
- Phishing examples
- What is whaling?
- How to reduce phishing and whaling with technology and procedures