Phishing is an attempt by an attacker to obtain sensitive information from the company such as: usernames, passwords, or credit card information. The attacker tries to trick the victim by posing as a trustworthy person. Phishing is carried out over electronic communications such as email, phone, IM, or text messaging. There are many types of phishing attacks: Spear Phishing, SMS Phishing (Smishing), Voice Phishing (Vishing), and Whaling.

Spear Phishing

Typically, phishing is carried out by sending as many messages to as many people as possible in the hopes that someone falls for the scam and takes the bite. Spear Phishing is when a phishing message is specially crafted for individuals and not for a broader group.

SMS Phishing

Phishing over SMS Messages.

Voice Phishing

Social engineering over the phone.

Whaling

Like Spear Phishing, only targeted at high level members of the organizations such as the CEO.