Phishing

What is Phishing?

Phishing refers to "fishing" for personal information such as passwords and credit card numbers from unsuspecting individuals using emails. Criminals pretend to represent reputable companies and try to play on human emotions to get the recipient to click on links in the email. Clicking the link usually results in some malicious software (malware) installed on the victim's computer.

Here are common emotions that criminals try to play on try and get you to act:

Fear or Greed
Need for recognition
Compassion for others
Need for social connection

There are several types of related scams.

Phishing: Phishing emails are sent to very large numbers of recipients at random, with the expectation that only a small percentage will respond.
Spear Phishing: Spear phishing emails are carefully designed to get a single recipient to respond. Criminals select an individual target within an organization and craft a fake email tailored for that person.
Smishing: A form of phishing, smishing is when someone tries to trick you into giving them your private information via a text or SMS message.
Vishing: A combination of ‘voice’ and ‘phishing,’ is a phone scam designed to get you to share personal information.

Ways to avoid becoming a victim

Usually spam filters in popular email services like Gmail, Outlook, Yahoo, and Apple iCloud, will catch spam and put them in your junk/spam folder. But some emails can slip through the cracks.
Carefully scan suspicious mails and "handle with care". Refer to this page on how to spot phishing attacks.