Fundamentals to Countering Fraud; Phishing

Last updated: July 5, 2021
Categories: Fact Sheets


What is Phishing? 

Phishing is a broad term for any fraudulent message that aims to trick its recipient into revealing sensitive information.

The attacker usually ‘spoofs’ (alters) their address/number to disguise themselves as someone known to the victim, or someone in a position of influence.

Types of Phishing

Many terms have been coined for phishing targeted at particular victim types or methods of distribution.

Examples of distribution methods 

  • Smishing – phishing conducted via text messages or messaging services.
  • Vishing – phishing conducted via voice, usually by phone.
  • Page hijack/clone – phishing conducted via an altered website that looks legitimate, but gathers the victim’s data.
  • Clone Phishing – phishing conducted via a cloned, previously legitimate email which has had its attachments/links changed.

Examples of victim types 

  • Spamming – phishing conducted without any particular target in mind.
  • Spear phishing – phishing aimed at a particular person or organisation.
  • Whaling – phishing aimed at a CEO, manager or senior official.

Protecting yourself 

  • Never reveal sensitive information to any unknown persons via email/message, or follow any unknown links.
  • Directly email or call the person who has requested payment/sensitive information.
  • Make sure a spam filter is enabled on your email account.
  • Enable Two Factor Authentication on all possible accounts.

