Phishing attacks are more common than you think

Phishing attacks are more common than you think

by Adam
January 13, 2022

Do we all know what phishing is? Phishing attacks are getting more common every day. Awareness is the best preventive tool when it comes to stopping phishing attacks. 

The pandemic drastically affected the increase of phishing attacks, since many employees started to work remotely. The vulnerability of data was also increased by employees using their personal devices. So what is Phishing? and What are the most common types of it?

Phishing is…

Phishing is a kind of social engineering attack. It means that such attacks rely on human interaction and induce a user to make a mistake. This mistake will lead to bypassing a security system and compromising a device or a network. 

Phishing can be generic scam emails or very personalized and targeted emails. Personalized phishing attacks are tailored to a specific person, they can use information collected from a leak of personal data.

The 5 Most common phishing attacks

Email Phishing

Email phishing is the most common type of phishing that has been used since the 1990s. Emails are sent by hackers to any email addresses that they can obtain. Such emails contain malicious links, but a user can usually detect some grammar and spelling mistakes.

Spear Phishing

Spear phishing is a tactic that uses emails, social media, or other platforms in a highly targeted manner. A spear phishing attack tries to get a user to perform an action that can compromise a network, data loss, or financial loss. It targets a specific person or group of individuals and requires time and in-depth research. A typical spear-phishing attack is an email that looks very close to one you might receive from a friend or colleague, along with a hyperlink to a malicious site. 


Whaling is a targeted way of spear phishing that aims to target ‘a bigger phish’ such as a CEO, CFO, or someone else at the top of an organization. A malicious link is sent with an email that redirects to a page filled with viruses.



Vishing attacks use personal information in a similar way as email phishing attacks, but instead of using email it uses telephone communication. It is simply another way to reach the user via a voice call. This call can be, for example, a call that pretends to be from a known organization or company where the targeted user is asked to provide credit card information.



More and more businesses are more concerned about smishing. This is when an attacker sends malicious text messages to users that include malicious links. This form of attack is becoming popular and it entices users to open it as they tend to trust messaging apps more than emails, as they are easier and faster to use. It is easier for a hacker to find a personal phone number compared to other personal data. 

Stay always aware and informed with MonkPhish!

Follow us on social media today!

Related Stories

July 21, 2021

China’s cyber attack on American pipelines

23 gas pipeline operators were targeted by a Chinese cyber attack between December 2011 and February 2012.

February 3, 2022

Social engineering: exploiting human nature for malicious attacks

Social engineering is a tool of psychological manipulation. Cybercriminals exploit human error to conduct a cyberattack and trick users into making security mistakes.

July 19, 2021

Disrupt the hackers before they disrupt you

Increasing ransomware attacks utilizing spear phishing techniques should be sounding alarm bells in the C-suites of not only large companies but also in SMBs.