Why do people click on phishing links? This CREST guide introduces the main approaches to phishing and the reasons people fall for it.
Phishing is an attempt to gain personal information through the use of fake emails and websites. Fraudsters typically masquerade as reputable organisations or trustworthy individuals and persuade people to disclose personal information by clicking on links or filling in forms.
This guide aims to help individuals and organisations understand some of the techniques used by fraudsters and what they can do about them.
The guide outlines:
- Different techniques – the approaches used to target individuals and companies (including spear and clone phishing and whaling)
- The various types of influence techniques – communication methods and emotional strategies used to encourage users to click on links
- Strategies that users and organisations can implement to avoid phishing attempts being successful.
As part of CREST’s commitment to open access research, this text is available under a Creative Commons BY-NC-SA 4.0 licence. Please refer to our Copyright page for full details.