Home/Glossary/Phishing

Phishing

A social engineering attack that uses fraudulent communications to trick recipients into revealing sensitive information or installing malware.

Threat IntelligenceAlso called: "phishing attack", "email phishing", "credential phishing"

Phishing exploits human psychology to bypass technical security controls, making it one of the most effective attack vectors.

Common phishing techniques

  • Email phishing: Mass campaigns impersonating trusted brands (banks, IT support, delivery services).
  • Spear phishing: Targeted attacks using researched information about specific individuals or organizations.
  • Whaling: High-value attacks targeting executives and decision-makers.
  • Smishing: Phishing via SMS text messages with malicious links.
  • Vishing: Voice phishing using phone calls to extract information or credentials.
  • Clone phishing: Duplicating legitimate emails with malicious links or attachments swapped in.

Red flags to watch for

  • Urgent language pressuring immediate action.
  • Requests for credentials, payment, or sensitive data.
  • Suspicious sender addresses that mimic legitimate domains.
  • Unexpected attachments or unfamiliar link destinations.
  • Generic greetings instead of personalized names.
  • Poor grammar, spelling errors, or awkward phrasing.

How to prevent phishing

  • Implement email authentication (SPF, DKIM, DMARC) to block spoofed senders.
  • Deploy advanced email filtering with link and attachment sandboxing.
  • Train employees regularly with simulated phishing campaigns.
  • Require multi-factor authentication (MFA) to limit credential theft impact.
  • Use password managers to prevent credential entry on fake sites.
  • Establish out-of-band verification for sensitive requests (call back using known numbers).
  • Report and analyze phishing attempts to improve defenses.

Related Tools

Related Articles

View all articles
📄

Zero Trust Access Compared: Cloudflare Access vs AWS Verified Access vs Azure Entra vs Google BeyondCorp

A deep technical comparison of Zero Trust Network Access platforms — Cloudflare Access, AWS Verified Access, Azure Entra Private Access, and Google BeyondCorp Enterprise — covering architecture, identity integration, device posture, pricing, and migration strategies.

Read article →
📄

Email Services Compared: Cloudflare Email Routing & Area 1 vs AWS SES vs Azure vs Google Workspace

A technical comparison of email services across Cloudflare, AWS, Azure, and Google — covering email routing, transactional sending, email security, authentication (SPF/DKIM/DMARC), and how each provider approaches the email stack.

Read article →
Biometric Authentication: Understanding FAR, FRR, and CER for Security Professionals

Biometric Authentication: Understanding FAR, FRR, and CER for Security Professionals

Master the critical metrics behind biometric authentication systems including False Acceptance Rate (FAR), False Rejection Rate (FRR), and Crossover Error Rate (CER). Learn how to evaluate, tune, and deploy biometric systems across enterprise, consumer, and high-security environments.

Read article →
Threat Modeling with STRIDE and DREAD: A Complete Guide to Proactive Security Architecture

Threat Modeling with STRIDE and DREAD: A Complete Guide to Proactive Security Architecture

Master threat modeling with STRIDE and DREAD frameworks to identify, classify, and prioritize security threats before they become vulnerabilities. This comprehensive guide covers data flow diagrams, mitigation mappings, MITRE ATT&CK integration, and building an enterprise threat modeling program.

Read article →

Explore More Threat Intelligence

View all terms

Advanced Persistent Threat (APT)

A sophisticated, long-term cyberattack where an intruder gains unauthorized access and remains undetected for an extended period to steal data or cause damage.

Read more →

Credential Stuffing

An automated attack that uses stolen username/password pairs from data breaches to gain unauthorized access to user accounts on other services.

Read more →

IP Reputation

A trustworthiness score (0-100) assigned to IP addresses based on observed malicious behavior, spam activity, and threat intelligence data.

Read more →

Keylogger

Malicious software or hardware that secretly records keystrokes to capture passwords, credit card numbers, and other sensitive information typed by users.

Read more →

Malware

Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems and data.

Read more →

Supply Chain Attack

A cyberattack that targets less-secure elements in an organization's supply chain—vendors, software dependencies, or service providers—to compromise the ultimate target.

Read more →
Back to glossary