Common Phishing Attacks

Phishing is a common way cybercriminals try to steal a person’s personal information or to install harmful software, called malware, on someone else’s computer.

Typically, in a phishing attack, a scammer sends a message – whether over email or social media – that might look like it is from a trustworthy person, company or charity. The message might suggest there is a problem or that someone needs help and that the recipient can take action by clicking a link. That link sends the user to a fake website and captures personal information or secretly downloads malware onto their device.

Below are some of the most common methods of phishing. Learn about more ways to avoid phishing attacks.

Email Phishing

Most phishing attacks use email. A scammer registers a fake domain or website name that mimics a real organization and then sends out thousands of generic requests.

The fake website name often replaces one letter with another. For example, "r" and "n" might be put together to make "rn," which looks like "m." 

Phishing attacks might also use an organization’s name in a fake address, so that a legitimate sender’s name (e.g., PayPal) appears in the recipient’s inbox.

Always check URLs and email addresses if you’re asked to click a link or download an attachment.
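The check described above can be automated for a list of organizations you care about. The following is an added example, not part of the original article: it flags a From header whose display name or domain imitates a known brand. The brand list, the "acmebank" entries, the confusable-character table and the sample headers are all constructed assumptions.

```python
from email.utils import parseaddr

# Constructed allow-list: brand keyword -> domains that brand really sends from.
KNOWN_BRANDS = {
    "paypal": {"paypal.com"},
    "acmebank": {"acmebank.example"},  # hypothetical organization
}

# Sequences that read as another letter at a glance (assumed, not exhaustive).
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]


def skeleton(text):
    """Collapse confusable sequences so a lookalike compares equal to the original."""
    text = text.lower()
    for fake, real in CONFUSABLES:
        text = text.replace(fake, real)
    return text


def check_sender(from_header):
    """Return the reasons a From header looks like brand impersonation (empty if none)."""
    display, address = parseaddr(from_header)
    domain = address.rpartition("@")[2].lower()
    findings = []
    for brand, legit in KNOWN_BRANDS.items():
        if any(domain == d or domain.endswith("." + d) for d in legit):
            continue  # the address really is on this brand's domain
        if brand in skeleton(display):
            findings.append(f"display name claims {brand}, address is at {domain}")
        for label in domain.split("."):
            if brand in label:
                findings.append(f"{brand} name embedded in unrelated domain {domain}")
            elif brand in skeleton(label):
                findings.append(f"{label} is a lookalike of {brand}")
    return findings


if __name__ == "__main__":
    # Constructed sample headers.
    for header in [
        "PayPal <service@paypal.com>",
        "PayPal Billing <alerts@billing-notice.example>",
        "Help Desk <help@acrnebank.example>",
        "<x@paypal.com.login.example>",
    ]:
        print(header, "->", check_sender(header) or "no findings")
```

This is a heuristic: it only knows the brands and character swaps listed, so an empty result does not prove a message is genuine.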

Spear Phishing

Spear phishing is when a cybercriminal sends a harmful email to a specific person that includes personal information to better trick them. That information might include the person's:

  • Name
  • School or employer 
  • Grade level or job title 
  • Email address 
  • Details about their school or job role

Smishing & Vishing

In smishing, scammers send text messages. Vishing involves telephone calls. In both, like in email phishing, scammers try to trick the recipient into clicking on a link or attachment or sharing personal information. 

Angler Phishing

Angler phishing involves using social media to trick people into giving up sensitive information or downloading malware. 

Scammers might use fake URLs, instant messaging and cloned websites, as well as posts and tweets. Highly targeted attacks might also be based on information that people willingly post on social media. That information includes geotagging, names, birthdays and vacations.