What is the definition of phishing?

According to a recent infographic produced by via resource, 37.3 million users were subject to phishing attacks in 2012, but what definition of phishing is being used? What does phishing actually mean?

As consumers increase the amount of time that they spend online, cybercriminals are ramping up their productivity – launching larger, more efficient and increasingly targeted attacks against brands both in and outside the financial services industry.

PhishMe delivers email-based anti-phishing solutions. Through our interactions with prospects and customers, we’ve realized that there are several different definitions of phishing floating around and that often the term “phishing” is used interchangeably with terms like “malware” and “spam”.

What’s in a word? Well, it’s an important distinction. While phishing, malware and spam are all rampant in today’s threatscape, they are not one and the same. Pure phishing threats are analyzed and acted upon differently than spam and malware.

A general definition of phishing by Wikipedia:

“Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.”

Phishing is, admittedly, a wide-reaching term. There are several ways to carry out a phishing attack, which is likely where some of the confusion comes into play. In the broad sense, you could say that phishing is any attempt on behalf of a cybercriminal to steal credentials. This can be carried out via a phishing website where the victim is prompted to enter his credentials or via a malicious executable.

At PhishMe, we categorize a malicious threat as phishing according to the following two rules:

  1. If the page is representing a brand and asks for any login/personal information.
  2. If the URL is not, say, “companyname.com”, and if you do a Whois on it, the domain is not registered to that company name. So, if the URL is ilikepuppies.com and displays the logo of a major brand, it is trying to make itself look like that major brand.
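The two rules above can be turned into a small detection heuristic. The following is an added example written for this post, not PhishMe’s own classifier: it flags a page as phishing only when it represents a known brand and asks for login or personal information (rule 1), and the page’s registrable domain is neither the brand’s own domain nor, according to Whois, registered to that brand (rule 2). The brand list, the Whois registrant table and the sample pages and URLs are all constructed stand-ins; a real deployment would query a Whois service and use the public suffix list to find the registrable domain.

```python
"""Heuristic phishing classifier implementing the two rules from the post.

Added example (not PhishMe code). The Whois lookup is a constructed in-memory
table standing in for a real Whois query; brands, domains, URLs and page
snippets below are constructed sample data.
"""
import re
from urllib.parse import urlparse

# Constructed: brand name -> the domain that brand legitimately operates.
BRAND_DOMAINS = {
    "ExampleBank": "examplebank.example",
}

# Constructed stand-in for a Whois registrant lookup (domain -> registrant org).
FAKE_WHOIS = {
    "examplebank.example": "ExampleBank Inc.",
    "examplebank-secure.example": "ExampleBank Inc.",   # brand-owned campaign domain
    "ilikepuppies.example": "Privacy Proxy Ltd.",        # not the brand
}

# Form field names that indicate login or personal information is requested.
CREDENTIAL_FIELDS = ("username", "user", "login", "password", "passwd",
                     "card", "cardnumber", "ssn", "pin")


def registrable_domain(url: str) -> str:
    """Return the host's last two labels as a simplified registrable domain.
    Assumption for the example: real code should use the public suffix list."""
    host = (urlparse(url).hostname or "").lower()
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def brands_mentioned(page_html: str) -> list:
    """Rule 1, first half: which known brands does the page represent?"""
    lowered = page_html.lower()
    return [b for b in BRAND_DOMAINS if b.lower() in lowered]


def asks_for_credentials(page_html: str) -> bool:
    """Rule 1, second half: does the page carry a form collecting login/personal data?"""
    if not re.search(r"<form\b", page_html, re.I):
        return False
    if re.search(r"""type\s*=\s*["']password["']""", page_html, re.I):
        return True
    names = re.findall(r"""name\s*=\s*["']([^"']+)["']""", page_html, re.I)
    return any(n.lower() in CREDENTIAL_FIELDS for n in names)


def whois_registrant(domain: str) -> str:
    """Constructed Whois lookup; returns '' for unknown domains."""
    return FAKE_WHOIS.get(domain, "")


def classify(url: str, page_html: str) -> dict:
    """Apply both rules and return the verdict with the evidence behind it."""
    brands = brands_mentioned(page_html)
    rule1 = bool(brands) and asks_for_credentials(page_html)
    domain = registrable_domain(url)
    registrant = whois_registrant(domain)
    # Rule 2: the domain is not the brand's and Whois does not tie it to the brand.
    mismatched = [b for b in brands
                  if domain != BRAND_DOMAINS[b] and b.lower() not in registrant.lower()]
    return {
        "phishing": rule1 and bool(mismatched),
        "brands": brands,
        "credential_form": asks_for_credentials(page_html),
        "domain": domain,
        "registrant": registrant,
        "mismatched_brands": mismatched,
    }


# Constructed sample inputs.
PHISH_PAGE = """<html><body>
<img src="logo.png" alt="ExampleBank online banking">
<form action="/post" method="post">
  <input name="username"><input name="password" type="password">
</form></body></html>"""
NO_FORM_PAGE = "<html><body><p>ExampleBank lovers also like puppies.</p></body></html>"
PHISH_URL = "http://secure.ilikepuppies.example/login"
LEGIT_URL = "https://online.examplebank.example/login"
CAMPAIGN_URL = "https://examplebank-secure.example/login"

if __name__ == "__main__":
    for url, page in [(PHISH_URL, PHISH_PAGE), (LEGIT_URL, PHISH_PAGE),
                      (CAMPAIGN_URL, PHISH_PAGE), (PHISH_URL, NO_FORM_PAGE)]:
        print(url, "->", classify(url, page))
```

The campaign-domain case is the reason rule 2 checks Whois rather than only comparing hostnames: a brand that runs a promotion from a second domain it owns is not phishing, while a brand page on a privacy-proxied domain is.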

What’s the difference between Phishing and Malware?

The relationship between phishing and malware is a bit blurry, mostly because they often work together to achieve the goal of the cybercriminal. In fact, the term “malware” is often included in phishing discussions.

Now that being said, here is Wikipedia’s malware definition:

“Malware, short for malicious software, is software used or programmed by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. ‘Malware’ is a general term used to refer to a variety of forms of hostile or intrusive software.”

“…Malware includes computer viruses, ransomware, worms, Trojan horses, rootkits, keyloggers, dialers, spyware, adware, malicious BHOs, rogue security software and other malicious programs; the majority of active malware threats are usually worms or Trojans rather than viruses…”

One key distinction is that not all malware is delivered via email. Malware converges with phishing when it is being used as an accessory to execute the phishing attempt.

When it comes to defining today’s malicious threats, where do you encounter confusion? How do you differentiate between them? Share your thoughts in the comments section below.
