International (English)

Phishing, Smishing and Attacks on Social Media

Modified on:

Phishing is a type of fraud in which an attacker impersonates a legitimate entity or person, primarily by sending a fake email, SMS messages (in this case, it is called "smishing") or social media messages. Phishing attacks often use phishing messages to distribute malicious links or attachments that can perform a variety of actions, such as extracting victims' login credentials or other account information. 


Phishing is popular among those who commit cybercrimes, as it is much easier to trick someone into easily clicking on a malicious link within a fake email than it is to break through a computer's defenses. To create the message, they generally use real information obtained from social media or other sources, such as name, email address or institutions where the person has contracted financial services, to make it seem real.


Successful phishing messages are difficult to distinguish from real messages. They usually appear to be sent by a known entity, and even include, for example, corporate logos. However, there are several clues that may indicate that a message is a phishing attempt: 


  • The message uses misspelled or suspicious URLs that do not match the URL of the institution from which the message originates.

  • They use a public email address, rather than a corporate email address.

  • The message is written to create fear or a sense of urgency.

  • The message includes a request to verify personal information, such as financial details or a password. Remember that an institution will never ask you for this information.

  • The message is poorly written and contains spelling and grammatical errors.

By keeping the tips above in mind, you will be less likely to become a victim of phishing.


Was this useful?