Phishing.org provides great examples of common phishing attempts and prevention methods to minimize your risk of being susceptible to those attacks. Hackers may use different phishing methods to trick you into providing sensitive informaiton such as your log in details.
Email / Spam
This is the most common phishing technique where hacksers send the same email to millions of users with a request to fill in personal details. Most of the messages have an urgent note that requires the user to enter credentials to update account information, change details, or verify accounts. It is important that users look at the sender email, and verify any links before clicking or responding to emails from unknown sources.
Targeted attacks in which the hacker knows which specific individual or organization they are after. They do research on the target in order to make the attack more personalized and increase the likelihood of the target falling into their trap.
Hackers may send a link to a user from a malicious website. When the user clicks on the deceptive link, it opens up the phisher's website instead of the website mentioned in the link. Hovering the mouse over the link to view the actual address stops users from falling for link manipulation.
Vishing (Voice Phishing) In phone phishing, the hacker makes phone calls to the user disguised as a source the user would be familiar with such as their bank. They may ask the user to dial a number or prompt the user to change their password on their account. The purpose is to get personal information from the user through the phone.
Refers to malware use to identify inputs from the keyboard. The information is sent to the hackers who will decipher passwords and other types of information. Some websites use mouse clicks to make entries through a virtual keyboard to prevent key loggers from accessing personal information.
Phishing scams involving malware require it to be run on the user's computer. The malware is usually attached to the email sent to the user by the phishers. Once users click on the link, the malware will start functioning. Sometimes, the malware may also be attached to downloadable files.