Sketchplanations

Explaining one thing a week in a sketch

Types of phishing: phishing, spear-phishing, whaling explained — 3 common types of phishing communications are shown from the impersonal, wide phishing net email, thrown out to a large population; to more personalised "spear-phishing", picking you off with a harpoon gun; to whaling, where scammers go after high profile targets like CEOs.

Types of phishing

Phishing is tricking people into sharing personal details and logins by pretending to be someone else, and it's surprisingly effective. Some of the smartest people I know have been taken in by it and it only takes a moment’s lapse in concentration or uncertainty to fall for it. The maths is simple: it barely costs anything to send an email to 100,000s of people and it only needs a few people to get caught in the net for it to pay off.

Also, look out for targeted spear-phishing attacks where scammers may seem to know specific details about yourself to make the attack more credible. Or what’s known as whaling — the targeting of high-profile figures such has heads of companies or celebrities with elaborately planned and sometimes very convincing schemes.

Stay vigilant people.

You can also check if you’ve been caught in a data breach at: Have I been Pwned.

I updated this image for my book Big Ideas Little Pictures

Also see:

Buy Me A Coffee