Security for everyone

How to Detect a Phishing: Attack Types, Real Life Examples

Security for Everyone

19/Mar/24

Top 22 Methods to Detect a Phishing: Attack Types, Real Life Examples

Google was reported to block around 100 million phishing emails each day. The variety and sophistication of phishing attacks have increased. Attackers have been sending more emails in their campaigns, with a notable rise in the sophistication of these threats. Approximately 96% of organizations reported experiencing at least one phishing attack in the previous year. Phishing has also become a primary delivery method for ransomware, underlining the close link between these types of cyber threats [1].

Phishing attacks are widely used by cyber attackers because they require little knowledge to carry out and do not depend on any vulnerability in the target systems.

What is a Phishing Attack?

A phishing attack is a type of fraud that aims to persuade users to provide personal information, especially identity and financial information, usually through a fake email, message or website. [2]

Most used phishing attack methods

Phishing attacks are cyber attacks that aim to steal sensitive information from victims, often using social engineering tactics. Here are the most common types of phishing attacks [3]:

  1. Typosquatting: Creating fake websites using similar domain names by taking advantage of users' typos.
  2. Whaling: A subtype of spear phishing that targets senior executives.
  3. Smishing (SMS Phishing): Phishing via SMS messages.
  4. Vishing (Voice Phishing): Phishing carried out through phone calls.
  5. Pharming: Redirecting DNS queries to a malicious site to deceive users.
  6. Spear Phishing: More personalized email phishing targeting specific individuals or organizations.
  7. Business Email Compromise (BEC): Hijacking and fraud of business email accounts.
  8. Watering Hole Phishing: Placing malware on trusted sites frequented by a specific group or organization.
  9. Email Phishing: General email phishing targets individuals through deceptive emails.
  10. Angler Phishing: Phishing via social media disguised as a customer service representative.
  11. Website Spoofing: Creating fake copies of legitimate websites to deceive users.
  12. Social Media Phishing: Phishing attacks carried out through social media platforms.
  13. Clone Phishing: Re-sending an email containing a malicious link or attachment by creating a copy of a real message.
  14. Search Engine Phishing: Leverages search engine results to direct users to deceptive web pages.
  15. Interview Phishing: Targets job seekers to obtain information about the target organization under the guise of a job interview.
  16. Pop-Up Phishing: Uses deceptive pop-ups that, when clicked, can download malware or redirect users to malicious sites.
  17. Image-Based Phishing: Uses images that contain malicious links or are designed to deceive users.
  18. HTTPS Phishing: Uses URLs that appear to be safe, but redirect to malicious websites.
  19. DNS Spoofing: Phishing by redirecting DNS queries to a malicious site.
  20. Email Spoofing: Fraudulent change of the sender's email address to appear as someone the recipient knows.
  21. Man-in-the-Middle (MITM) Phishing: Interrupting the communication flow and seizing data exchange between two parties.
  22. Evil Twin Phishing: Phishing via malicious Wi-Fi hotspots.

3 Sample Real-Life Phishing Scenarios

In a sophisticated cybercrime case investigated by Dubai, AI voice cloning was used to deceive a branch manager into transferring $35 million, believing he was speaking with the director of his company. This heist, involving at least 17 individuals and international transfers, underscores the growing threat of deep fake technology in financial fraud [4]. 

Pepco Group, the European retailer operating the Pepco, Poundland, and Dealz brands, lost €15.5 million due to a sophisticated phishing attack on its Hungarian business. The attack's nature suggests it might involve business email compromise (BEC), and despite ongoing efforts with banking partners and police, it's uncertain if the lost funds can be recovered [5]. 

A global scam targeting WhatsApp users with fake job offers has defrauded people out of an estimated €100 million. Victims received phishing messages impersonating reputable firms, promising lucrative jobs paid in cryptocurrency, leading to significant financial losses and highlighting the dangers of sophisticated online scams [6]. 

Types of Phishing Attacks That Have Their Own Names

Named phishing attack types are cyber attacks that are named after their specific targets or methods and aim to leak information, usually using phishing tactics. Here are some:

 

| # | Name | Method | Target | Description |
|---|------|--------|--------|-------------|
| 1 | Typosquatting | Fake websites | General public | Exploits users making typographical errors when entering a website address to redirect them to malicious sites. |
| 2 | Whaling | Customized emails | High-profile individuals | Targets high-profile executives with personalized phishing attacks to steal sensitive information. |
| 3 | Smishing | SMS messages | General public | Uses deceptive text messages to trick individuals into visiting malicious sites or divulging personal information. |
| 4 | Vishing | Phone calls | General public | Involves phone calls to deceive individuals into giving out personal or financial information. |
| 5 | Pharming | DNS poisoning | General public | Redirects users to fraudulent websites without their knowledge to steal personal information, usually through DNS hijacking. |
| 6 | Spear Phishing | Customized emails | Specific individuals or organizations | Involves highly personalized emails to trick specific individuals or organizations into revealing sensitive information. |
| 7 | Business Email Compromise (BEC) | Fake or compromised email accounts | Companies, high-ranking officials | Attempts to deceive employees into making financial transactions or revealing sensitive information by impersonating company officials or using compromised email accounts. |
| 8 | Watering Hole Phishing | Malicious software on trusted sites | Specific groups or organizations | Placing malicious software on websites frequented by the target group or organization. |
| 9 | Email Phishing | Deceptive emails | General public | General phishing attacks using deceptive emails to target individuals. |
| 10 | Angler Phishing | Impersonating customer service on social media | Social media users | Phishing on social media by impersonating customer service representatives. |
| 11 | Website Spoofing | Fake copies of legitimate websites | General public | Creating fake copies of legitimate websites to deceive users. |
| 12 | Social Media Phishing | Attacks through social media platforms | Social media users | Phishing attacks carried out through social media platforms. |
| 13 | Clone Phishing | Altered copies of legitimate messages | Email users | Sending altered copies of legitimate messages with malicious links or attachments. |
| 14 | Search Engine Phishing | Misleading search engine results | Search engine users | Using misleading search engine results to direct users to deceptive web pages. |
| 15 | Interview Phishing | Job interview scams | Job seekers | Targeting job seekers with fake interviews to gather information about the target organization. |
| 16 | Pop-Up Phishing | Deceptive pop-up ads | General public | Using deceptive pop-up ads that may download malware or redirect to malicious sites upon clicking. |
| 17 | Image-Based Phishing | Malicious images | General public | Using images containing malicious links or designed to deceive users. |
| 18 | HTTPS Phishing | Misleading secure URLs | General public | Using URLs that appear secure but lead to malicious sites. |
| 19 | DNS Spoofing | Redirecting DNS queries | General public | Redirecting DNS queries to malicious sites. |
| 20 | Email Spoofing | Altering sender email addresses | Email users | Altering sender email addresses to appear as someone the recipient knows. |
| 21 | Man-in-the-Middle (MITM) Phishing | Intercepting data exchange | Any communication party | Intercepting the exchange of data between two parties to steal information. |
| 22 | Evil Twin Phishing | Malicious Wi-Fi hotspots | Wi-Fi users | Creating malicious Wi-Fi hotspots to intercept data from connected users. |

22 Methods To Detect Various Types Of Phishing Attacks

Since phishing attack techniques are very diverse, the way each technique is detected and the action to take once it is detected differ. The table below explains how to detect each attack type and the precautions to take when it is detected.

| Attack Type | How to Detect | Countermeasures |
|-------------|---------------|-----------------|
| Typosquatting | Unexpected or strange URL structures. | Use bookmarks, verify URLs. |
| Whaling | Unusual requests for sensitive information. | Secondary verification, executive training. |
| Smishing | Unsolicited SMS messages with links. | Don't click links, verify sender. |
| Vishing [7] | Suspicious phone requests for personal info. | Hang up and call back using an official number. |
| Pharming | Misdirection to an unexpected website. | Use HTTPS, update security software. |
| Spear Phishing | Highly personalized but unsolicited emails. | Use email filters, verify unusual emails. |
| Business Email Compromise (BEC) | Unexpected email requests for financial transactions. | Two-factor authentication, verify requests. |
| Watering Hole Phishing | Trusted sites behaving oddly or requesting downloads. | Keep software updated, use network security tools. |
| Email Phishing [8] | Generic greetings, spelling errors, or suspicious links. | Don't click on links/attachments, use spam filters. |
| Angler Phishing | Customer service requests over social media. | Contact company directly, limit online personal info. |
| Website Spoofing [9] | Websites that look slightly off or have strange URLs. | Check for HTTPS and URL legitimacy. |
| Social Media Phishing | Unsolicited messages or friend requests on social media. | Adjust privacy settings, verify messages. |
| Clone Phishing | Emails that seem to be resendings of previous messages. | Verify email changes, be cautious of resends. |
| Search Engine Phishing | Too-good-to-be-true offers or deals in search results. | Use reputable search engines, verify deals. |
| Interview Phishing | Job offers or interviews that ask for personal info. | Verify company and role, avoid upfront personal info. |
| Pop-Up Phishing | Unexpected or aggressive pop-ups asking for information. | Use pop-up blockers, never input info into pop-ups. |
| Image-Based Phishing | Links or calls to action within images. | Avoid unsolicited images, disable image auto-load. |
| HTTPS Phishing | Use of HTTPS in the URL to appear trustworthy. | Be skeptical of secure URLs, verify website authenticity. |
| DNS Spoofing | Unusual web behavior or redirection. | Use secure networks, be wary of DNS changes. |
| Email Spoofing | Mismatch between the sender's name and email address. | Check email address carefully, use email security features. |
| Man-in-the-Middle (MITM) Phishing | Unexpected interruptions during transactions. | Secure communications, use encryption. |
| Evil Twin Phishing | Wi-Fi networks that resemble legitimate ones. | Avoid public Wi-Fi, verify network authenticity. |
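
Two of the checks in the table above, the sender name/address mismatch (Email Spoofing) and near-miss link domains (Typosquatting), can be automated on incoming mail. The following Python is an added example, not code from the original article; the `BRANDS` list, the reserved `.example` domains, the edit-distance threshold of 2 and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

BRANDS = {"example bank": "examplebank.example"}  # assumed brand -> legitimate domain list

def edit_distance(a, b):  # Levenshtein distance, two rolling rows
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(host):
    """Legitimate domain that host nearly matches, else None (last two labels ~ registered domain)."""
    reg = ".".join(host.lower().rstrip(".").split(".")[-2:])
    for good in BRANDS.values():
        if 0 < edit_distance(reg, good) <= 2:
            return good
    return None

def check_message(raw):
    """Return (check, detail) findings for one raw RFC 5322 message."""
    msg, findings = message_from_string(raw), []
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    for brand, good in BRANDS.items():
        # Email spoofing: display name claims a brand the address is not part of.
        if brand in name.lower() and domain != good and not domain.endswith("." + good):
            findings.append(("display-name-mismatch", f"{name!r} sent from {domain}"))
    if lookalike_of(domain):
        findings.append(("lookalike-sender", domain))
    # Typosquatting: link hosts that are a near miss of a legitimate domain.
    for url in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload()):
        host = urlparse(url).hostname or ""
        if lookalike_of(host):
            findings.append(("lookalike-link", host))
    return findings

SAMPLE = (  # constructed message using reserved .example domains
    'From: "Example Bank Support" <support@examp1ebank.example>\n'
    "To: user@example.org\nSubject: Action required\n\n"
    "Confirm at https://login.exarnplebank.example/verify or https://www.examplebank.example/help\n"
)
if __name__ == "__main__":
    print(check_message(SAMPLE))
```

The sample yields three findings (mismatched display name, lookalike sender domain, lookalike link host), while the link to the genuine domain is not flagged.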

Top 14 Methods to Minimize Risk of Phishing Attack

Precautions to be taken to protect against phishing attacks are listed below.

  1. Use Updated Security Software and Firewalls: Install and keep your security software, firewalls, and network protections up to date to defend against malware and other threats.
  2. Implement Multi-Factor Authentication (MFA): Use MFA wherever possible to add an extra layer of security to your accounts, making it more difficult for attackers to gain unauthorized access.
  3. Regularly Update All Software: Ensure all software, including operating systems and applications, is kept up to date with the latest security patches and updates.
  4. Educate Your Employees: Stay informed about the latest phishing techniques and educate employees, friends, and family on how to recognize phishing attempts.
  5. Use Reputable Search Engines and Verify Websites: Always verify the authenticity of websites, especially before entering sensitive information, and use reputable search engines for your searches.
  6. Adjust Privacy Settings on Social Media: Be cautious of unsolicited contacts by adjusting your privacy settings to limit who can view your information and contact you.
  7. Verify Requests Through Secondary Channels: Do not rely solely on email or phone; verify significant requests, especially those involving financial transactions or sensitive information, through secondary channels.
  8. Use Secure and Encrypted Communications: For sensitive transactions, ensure that communications are secure and encrypted to prevent interception by attackers.
  9. Be Skeptical of Unsolicited Requests: Approach unsolicited requests for information with skepticism, whether they come via email, phone, SMS, or social media.
  10. Regularly Monitor Accounts: Keep an eye on your financial and personal accounts regularly for any unusual activities or unauthorized transactions.
  11. Regularly Change Passwords: Make it a habit to change your passwords regularly and use strong, unique passwords for each of your accounts to prevent unauthorized access. [10]
  12. Use Anti-Malware Software: Deploy anti-malware solutions across your devices to detect and remove malicious software that might have been installed without your knowledge.
  13. Mail Security for Organizations: For organizations managing their email services, implement advanced mail security solutions that include spam filters, phishing detection, and email authentication protocols.
  14. Cloud Services Security: For organizations utilizing cloud services, ensure that cloud platforms and applications are configured securely, and utilize cloud security tools to monitor and protect data.

References

[1]    https://aag-it.com/the-latest-phishing-statistics/
[2]    https://www.cloudflare.com/learning/access-management/phishing-attack/
[3]    https://www.upguard.com/blog/types-of-phishing-attacks#:~:text=Social%20Media%20Phishing,attacks%20to%20access%20sensitive%20data
[4]    https://www.forbes.com/sites/thomasbrewster/2021/10/14/huge-bank-fraud-uses-deep-fake-voice-tech-to-steal-millions/?sh=5cb443947559
[5]    https://www.helpnetsecurity.com/2024/02/28/pepco-phishing-bec-attack/
[6]    https://www.euronews.com/next/2023/10/23/behind-the-global-scam-worth-an-estimated-100m-targeting-whatsapp-users-with-fake-job-offe
[7]    https://securityforeveryone.com/blog/vishing-attacks-the-audio-face-of-social-engineering
[8]    https://securityforeveryone.com/blog/the-hidden-threat-in-emails-ransomware
[9]    https://securityforeveryone.com/blog/safe-internet-use-avoiding-harmful-websites
[10]    https://securityforeveryone.com/blog/the-ultimate-guide-to-password-security
