Understanding Phishing

synthetic monitoring

Cybersecurity specialists and cybercriminals are engaged in a constant war.

As cybersecurity becomes stronger and harder to breach, attacks by cybercriminals have become more and more innovative.

Hackers and other malicious forces on the internet are coming up with new ways to target businesses and their employees and trick them into revealing data, transferring funds and other actions the wrongdoers want their target to commit.

Below is a look at the concept of phishing, how this form of cyberattack started and at the different types of phishing.

What is phishing?

Phishing is a form of identify theft that encourages unsuspecting individuals to volunteer personal details or other information that the recipient of this data can then use for malicious purposes.

One common way to commit this kind of theft is via a fraudulent website, text message or email that appears to be from a legitimate business or other entity.

In the belief they’re dealing with honest operators, employees who visit these websites or receive these ill-intentioned messages may then supply sensitive company data. This could be bank account numbers, business details, system passwords, login IDs and more. The criminal then uses these to steal the employee’s identity of money from the company — or both. They may also sell the information to other criminals.

One way businesses can protect their employees and network from phishing and other cyberattacks is to purchase online security. Perimeter 81 offers ZTNA solution, which offers customised user access and a range of other features to make networks much more secure.

How phishing works

Phishing take sneaky advantage of security flaws and weaknesses in the business’s network.

The attacks are more carefully planned and executed than some people imagine. The perpetrators conduct the attack in stages, including planning, setup, assault, collection and identity theft.

Following a successful attack, these criminals evaluate what went wrong and what went right. They then decide whether to perform another attack or scam.

The history of phishing

According to some, the term ‘phishing’ comes from ‘fishing’ because the fraudsters are ‘fishing’ for logins and other sensitive details in a ‘sea’ of internet users.

Hackers are thought to generally replace the ‘f’ with ‘ph’ and generally used to be known as ‘phreaks’, hence the spelling of ‘phishing’ itself.

The first phishing attack is believed to have taken place in the mid-1990s.

At the time, AOL was one of the leading internet service providers and this massive popularity caught the attention of hackers, who began using AOL for their communication and were trading with pirated and illegal software. They formed a community called the warez community.

In the beginning, the communities started stealing user information. They then generated random credit card details, which they used to create new AOL accounts and spam other AOL members.

When AOL updated their security to put a stop to these incidents, the members switched to impersonating AOL employees and message customers with spoof emails. They’d set the trap by asking in these emails for the recipient to verify their account.

The different types of phishing methods

Phishing perpetrators often will conduct the attacks via fake emails, impersonating a legitimate company to steal the recipient’s personal information. Unfortunately for innocent users of the internet, there are several other types of phishing attack out there.

Spear phishing

In spear phishing attacks, the criminals will customise their email’s with the target’s name, position, company, phone number and other information, trying to trick the recipient into thinking they’re connected to the sender. The aim is the same as with deceptive phishing: to trick the recipient into handing over data by clicking on a malicious URL or email attachment.

Techniques they may use include housing malicious documents on Google Drive, Dropbox and other cloud services; compromising API tokens or session tokens; gathering out-of-office notifications; and exploration of social media to find out who works at particular companies.


Whaling is a type of spear phishing in which the scammers will target CEOs or other high-ranking executives and try to steal their login details.

In the second stage of the attack, the scammer will use the compromised account to authorise transfers to a financial institution of their choice. If not that, they may use the account to request the details of company employees to file fake tax returns on their behalf or post the information on the dark web.

Techniques a cyberfraudster may use in a whaling attack include using malware and rootkits to infiltrate the network; following up emails with phone calls to allay any fears that something suspicious is going on; and using information from the target’s suppliers and vendors to create the impression the email is coming from a trusted source.


Smishing is a type of phishing perpetrated using a phone. The scammer can use text messages to trick the recipient into clicking on malicious links or providing personal information.

Techniques anyone conducting a smishing attack may use include triggering the download of a malicious app on a mobile phone; linking to data-stealing forms; or instructions to the user to contact a (fake) user support.

Business owners and their employees must be on their guard when using tech to perform the duties of their roles. If not, and if the business’s network is not adequately secure, ill-intentioned users of the internet will exploit any flaws in security. This could cause a variety of damage, which means investing in robust cybersecurity is one of the best investments a business will ever make.