What is phishing? No, it's not a misspelling of your favorite aquatic hobby, nor is it a nickname for what people do at Phish concerts. Phishing is a technique Internet-based criminals use to trick you into giving up your personal information. It's also referred to as social engineering — but these are just nice-sounding names for the predatory behaviors of digital con artists and fraudsters.
Phishing attacks take place through various forms of electronic communication: email, phone calls, text messages, and social media sites. One highly publicized example is the famous “Nigerian prince” scam. You know, the one where an unexpected email claims you can inherit millions of dollars from royalty overseas, but you supposedly need to make the transfer possible by replying with your bank account info, Social Security number, and/or a small cash deposit.
Then again, many phishing attacks are stealthier. You may get phone calls that seem to come from government agencies (like the IRS), or receive official-looking messages from what appears to be your bank. There are even entire fake websites set up to mimic popular real sites, just so they can steal users' passwords. If you browse the Internet, use email, or own a cell phone, you should be aware and cautious of these malicious phishing attacks.
The following infographic from DigitalGuardian provides an in-depth look at the various forms of phishing attacks. It also gives an excellent mental checklist of warning signs to look out for. If enough of these red flags appear, you should stop what you're doing and immediately contact the appropriate authorities. Sites like Google and Facebook also have reporting systems in place for when you think you've witnessed phishing. However, due to the international nature of many phishing attacks, it's difficult to catch and prosecute the perpetrators, so it's crucial to be ever-vigilant about your digital security.
Check out the graphic below, or click here for a full-size version.