Introductory Guide: Phishing

Introductory Guide: Why do people click on phishing links?
Why do people click on phishing links? This guide introduces the main approaches to phishing and the reasons people fall for it.

Phishing is the attempt to gain personal information through the use of fake emails and websites. Fraudsters typically masquerade as reputable organisations or trustworthy individuals and persuade people to disclose personal information by clicking on links or filling in forms. Based on work by CREST researchers Adam Joinson and Joanne Hinds we have published an introductory guide to help individuals and organisations understand some of the techniques used by fraudsters and what they can do about them. The guide outlines:

  • Different techniques – the approaches used to target individuals and companies (incuding spear and clone phishing and whaling)
  • The various types of influence techniques – communication methods and emotional strategies used to encourage users to click on links
  • Strategies that users and organisations can implement to avoid phishing attempts being successful

You can download the guide here: 16-004-01.pdf.
The guide will take five minutes to read.


Creative Commons License
As part of CREST’s commitment to open access research this guide is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. For more details on how you can use our content read this.