The Four Main Types of Phishing

There are four main types of phishing: 

1. Deceptive Phishing: hackers send emails to end users that appear to be from a trustworthy source such as a legitimate company, the government, a bank, or even your own IT department. The email is designed to manipulate the end user into providing sensitive information such as account logins, bank details, and other personal information. It could ask you to click a link to input your information or open an attachment that infects your computer. 
2. Spear Phishing: rather than sending out emails to many end users, hackers target specific end users within a company. These emails are highly targeted through researching the target user, sometimes including information such as the user’s name, position, company, work phone number, or other personal information. 
3. Whaling: hackers target senior executives (the “big fish”). These emails are highly customized and usually take the form of customer complaints, legal subpoenas, or executive issues. 
4. Clone Phishing: rather than creating an email to pretend to be a legitimate source, hackers copy (clone) an existing email that has already been sent and replace the attachment or link with a malicious one. The email will claim to have been resent or updated to disguise it from the recipient.