Phishing – What is phishing?

Phishing is an attempt at identity theft, in which a user impersonates another person or entity in order to obtain personal data (passwords, credit card number and other sensitive information) through fake emails or links. Whoever carries out this action is known as a  phisher , and impersonates a person or organization through an apparently official communication, commonly through email or another type of instant communication. 

 

Where does the term phishing come from?

It refers to the word “ fishing ,” which means “to fish” in English, since the victims of this practice “take the bait.” It can also respond to the acronym for “ password harvesting fishing  .”

How does phishing work?

This is a technique that normally attempts to take advantage of the user’s panic or urgency with messages such as: “your account will be deleted if you do not click the link in less than 24 hours.” Any email with this type of message is very susceptible to being part of a phishing attack , since no company sends communications of this type. They may also request sensitive data such as phone number, passwords, or bank and credit card information, which should never be provided by email. 

How to avoid phishing?

There are certain rules to avoid phishing:

  • Never deliver confidential data by email.  Under no circumstances do any entities such as banks or companies request sensitive data by email.

  • Never click on a link  included in an email if you doubt its origin

  • If in doubt, contact the company or entity to confirm the veracity of the email  

  • Always ignore emails identified as phishing , without responding to them   

  • If you suspect you have been the victim of a phishing attack , immediately change all passwords