We're thrilled to announce £5.5million Series A funding from Gresham House Ventures. Click to find out more!
Email Phishing Explained - ‘Foot In The Door’ For Hackers

Email Phishing Explained - A ‘Foot In The Door’ For Hackers.

Get insights into email phishing from an Ethical Hacking Veteran. Learn common tactics with real-world examples and practical tips for businesses & Individuals

Conor O'Neill
Conor O'Neill
Founder & Chief Product Officer
August 01, 2019

What is Email Phishing a Definition

‘Phishing’ is a cyberattack in which email is the weapon. Victims are tricked into thinking an email is from a legitimate source. The email then lures them into taking some action, either providing sensitive data, downloading a file or simply clicking a link.

The term "Phish" is pronounced as it's spelled. It’s an analogy for fishing: casting out baited hook hoping someone bites. The term first arose in the mid-1990s making it one of the oldest types of cyber attacks around. Unfortunately, it’s very still lucrative and as a result remains one of the most popular types of cyberattack globally. 

A phishing attack is often just a ‘foot in the door’ for a hacker, and if it's successful it can lead on to more devastating results for an organisation; stolen funds, IP, customer data all of which lead to lost reputation and consumer trust.

Many of the most famous hacks in history, began life as humble phishing attacks...

##Real-life examples of successful Email Phishing attacks

##What is a Phishing Kit? A phishing kit is simply a bundle of web resources and tools that a hacker installs on a server to send out emails to mailing lists of victims. The ready availability of Phishing kits on the Dark Web means that criminals need not have any technical skills to launch successful phishing campaigns to millions. This ease of use is one of the main reasons why the number of emails in circulation just keeps growing.

##What is Spear Phishing? In the more sophisticated attacks, hackers will masquerade as somebody the target will plausibly trust like a real person from a company they do business with. They’ll be asked to provide sensitive data such as banking and credit card details, and passwords.


Feel free to connect with him on LinkedIn or get in touch with us at OnSecurity to discuss how we can help protect your business from Email Phishing campaigns.

More recommended articles

© 2024 ONSECURITY TECHNOLOGY LIMITED (company registered in England and Wales. Registered number: 14184026 Registered office: Runway East, 101 Victoria Street, Bristol, England, BS1 6PU). All rights reserved.