Zawartość kursu
Introduction
0/2
What exactly is phishing
How do criminals operate?
Types of phishing
Depending on the communication channel through which the attack is conducted, we distinguish several specific forms of phishing, which demonstrates the continuous adaptation of cybercriminals to new technologies:
0/5
Phishing (Email Phishing)
Smishing (SMS Phishing) – Fraud hidden in SMS messages
Vishing (Voice Phishing) – voice phishing
Quishing (QR Code Phishing)
Spear Phishing
Why is phishing so dangerous?
0/3
Global Services
Use of emotions: positive emotions
Strategies based on negative emotions
Examples of phishing attacks
0/6
Phishing using email: „Tax refund” attack
Phishing using email: Alleged shipment attack
Smishing – scam using SMS
Quishing – an attack using QR Code
Vishing – voice attack
Spear phishing
Principles of protection against phishing
0/6
General rules to protect
Phishing via e-mail
Smishing – SMS Phishing
Vishing – voice phishing
Quishing
Spear phishing
Phishing – don’t fall for internet scammers!

This is a highly targeted phishing attack. Spear phishing is directed at a specific individual, organization, or a small, precisely defined group of people. Unlike mass phishing campaigns, spear phishing relies on a strategy of quality rather than quantity.

Messages in this type of attack are highly detailed and personalized, utilizing a range of information about the victim that has been gathered beforehand. The sources of this data can be public information, such as from social media (LinkedIn, Facebook), company websites, public registries, but can also be confidential data resulting from data breaches (such as an address or phone number).

The information often exploited includes:

  • The victim’s first name, last name, and position.
  • Names of colleagues, supervisors, or business partners.
  • Details of projects, transactions, or internal company terminology.
  • Recent events in the victim’s professional or private life.

This detailed knowledge makes these messages incredibly credible and difficult to distinguish from authentic correspondence. Attackers often impersonate trusted sources: a supervisor (e.g., the company CEO), the IT department, a bank, a service provider, or even a friend. The goal is usually to trick the victim into revealing confidential login credentials, making a financial transfer, or installing malware by clicking on an attachment or link. Due to its precision and high success rate, spear phishing is one of the most dangerous and frequently used attack vectors targeting businesses and institutions.

Source: https://firewalltimes.com/spear-phishing-examples/

Poprzedni
Dalej