A social engineering attack that tricks people into revealing credentials or sensitive data, usually through deceptive messages.
Phishing uses fraudulent emails, messages, or websites that impersonate a trusted source to lure victims into handing over passwords, clicking malicious links, or transferring money. Targeted variants include spear phishing, aimed at specific individuals.
Because it exploits human trust rather than technical flaws, defense combines technical filters with awareness training and strong authentication such as MFA.
KaitoSec