Types of E-mail Spam and Phishing
Phishingis the term for messages sent to individuals via e-mail or text message with the intent to fool unsuspecting recipients into providing personal information, such as user names, passwords and financial account information. They often employ social engineering tactics by creating messages that appear to be legitimate. These messages can also lure individuals to malware-hosting websites.
Spear phishingdiffers from phishing in that it targets a specific department, division or college, seeking unauthorized access to protected information. These messages allegedly come from IT support staff or other professionals in a position of authority from within the targeted department, division or college. As with phishing, these e-mails will attempt to trick users into divulging personal or financial information, or their credentials, or entice them into clicking on a link that could install malware on the computer.
E-mail spamare messages sent to many people, often simultaneously, that either contain web links to Internet websites that host malware or contain executable malware within the message designed to infect the computer when opened. These messages are also called junk e-mail.
Spoofingaims to trick users into taking actions that that aren’t in their best interest. For example, users might be tricked into believing false information or divulging confidential information, access authorization information, passwords, and other information.Spoofing can mean:
- Impersonating a person, organization, agency or server without permission.
- Faking the origin. The messages were allegedly sent from the administrators, but they were actuallyfrom intruders trying to steal accounts.
Quishing, also known as QR code phishing, involves tricking someone into scanning a QR code using a mobile phone. The QR code then takes the user to a fraudulent website that might download malware or ask for sensitive information.