Phishing is a tactic that cybercriminals use where they attempt to lure you into clicking a link or opening an attachment with the goal of obtaining sensitive data, stealing money, or installing malware. These attacks are becoming more sophisticated than ever and often are sent via email, webistes, or even text messages. The communication often looks like it is coming from a legitimate source (e.g. your financial institution, a social site, the IRS, or similar). Spear Phishing is a targeted approach that attack a specific identified user. Often in this methodology, the cybercriminal will create a fake email that looks almost identical to a normal one that you may receive from a co-worker, customer, or vendor. It can be very difficult to identify the difference between a real email or a malicious one.
Defendify Tip: Always be on the lookout for emails with typos and poor grammar, unexpected messages insisting urgent action, or requests that you click a link open an attachment, enter your credentials, or make a payment.