What is Phishing vs. Spearphishing?

Excerpted from The Password Book.

One of the most common ways to be scammed online is to fall victim to a “phishing email.” (See http://jmlinks.com/36h for a definition).

Keyword Theory and SEO

Photo credit: John D F via Foter.com / CC BY

You are sent an email that purports to be from a friend or relative, your bank or credit card company, PayPal, Google, or Facebook, or perhaps one that claims you’ve won a sweepstakes or even a large sum in the lottery. All you have to do is click on an attachment, which may look like a harmless Microsoft Word document or even a common Adobe PDF. Another variant is to trick you into “reverifying” your login and password at a “spoofed website,” a website that looks like Amazon, Gmail, Facebook, etc., but really isn’t.

By clicking on the email attachment, however, you install a virus or malware program to your computer that surreptitiously gives the thieves full control of your device. Or, if you reverify on the phony website, you’ve given the thieves access to your account. If you fall for it, in other words, you’ve been “phished.”

And if you think you’re too smart to be “phished” by phone or by email, yet another variant of phishing is spearphishing, in which first they “phish” a friend of yours, and then they impersonate that friend via email or Facebook to trick you into clicking on an attachment or providing key information. In this template, you don’t get an email that pretends to be your bank, Amazon, Facebook, Gmail, AOL, etc., but rather you get an email that pretends to be a friend or colleague, and that email tricks you into giving out required information. The spearphishing request can come by email but scammers can also use Facebook messenger or posts, or any other communication technology. (This is how John Podesta, Chairman of Hillary Clinton’s 2016 Presidential Campaign was tricked into giving access to his emails, and – as they say – the rest is history).


Photo credit: John D F via Foter.com / CC BY

This entry was posted in Blog and tagged , on by .

About Jason McDonald

Jason McDonald is a top-rated San Francisco SEO Consultant. His consulting services include search engine optimization consulting, social media marketing consulting, and Google AdWords consulting. Jason's motto as a consultant is that he doesn't do SEO 'for you' but rather he does SEO 'with you.' That goes as well for his social media marketing consultant activities and Google AdWords consultant services. Besides serving clients in the San Francisco Bay Area, Jason consults with clients in Silicon Valley (San Jose), Oakland and other cities throughout the Bay Area. Beyond the Bay Area, Jason is available as an SEO consultant, Social Media Consultant, and as an expert witness in litigation involving social media marketing, search engine optimization and pay-per-click advertising.