12 phishing methods

There are several forms of phishing . However, it always boils down to the same thing: a third party tries to get personal information from you - passwords, credit card numbers, etc.

The 12 most common phishing methods 

1. e-mail spoofing

How does it work? The criminal uses a fake e-mail address. This makes it look like the email is from someone you know or a company you are a customer of. The criminal then asks you to click on a link, and/or log on to a site and take a particular action, such as sharing a file. 

Here's how to avoid it: check to see if your name is listed as the recipient, or if there are many others you don't know. If you are or not a customer of the company in question, or maybe not with that email address? In these cases, avoid following the instructions. 

2. URL Phishing

How does it work? The fraudster sends you, by way of a message or an e-mail, a web address (URL) which at first sight may seem reliable. Behind the link you will find a completely different address... One of the following techniques can be used for this:

  • The phisher hides the address behind a "Click here" or "Subscribe" button

  • You can't read the web address, because it is shortened by a special program, it can look like this for example t.co/xz92drTT92

  • The web address contains the name of a known company, but is misspelled, e.g. citiibank.com instead of citibank.com

  • The fraudster plays around with similar looking letters, such as arnazon.com instead of amazon.com, or Faceb00k.com instead of Facebook.com

  • The domain name looks legitimate, but is in fact a sub-domain of another domain name, for example https://inlog.dnsbelgium.be.trading.be/inlog. Here, the real domain name is trading.be, and dnsbelgium.be is a subdomain of trading.be

Here's how to avoid it: check the address before clicking on a link.

  • Place your cursor over the link. The full link will appear on the screen.

  • On a mobile device, long press on the link, the whole link will pop up on the screen.

  • You can also right-click and copy the link to your notes.

  • Check the domain name. Read from right to left - the combination of words BEFORE the / is the domain extension, to the left of that you have the domain name. If it's before that it's a sub-domain.

3. Clone phishing 

How does it work? Criminals create a perfect copy, or clone, of an email you are used to receiving, such as your credit card payment statement. They replace the link in the email with a link to their fraudulent website, or the attachment with a file containing a virus, ransomware, or spyware. 

Here's how to avoid it: Don't react to the e-mail if the sender's address deviates from the norm, if there are spelling mistakes in the e-mail or if the message was sent at an unusual time. 


4. Invoice phishing

How does it work? The criminal sends you a message by email or text message, notifying you that you need to make an urgent payment on a particular account number. Often the message will contain a link to pay directly online.

Some examples of messages that have been circulating recently: 

  • Bpost will notify you that your parcel cannot be delivered until additional costs are paid.
  • A bailiff notifies you that you have forgotten to pay a tax, and that you must pay it urgently to the collection agency.
  • A French collection agency tells you that you have committed an offence in France and that they have been instructed to collect the fine.

Here's how to avoid it: Check the facts. Were you really in France on the date in the message? What tax is involved? Were you really expecting a parcel from Bpost?


5. Phishing by shared documents 

How does it work? The fraudsters send you a well-written message that your colleague has shared a document with you via Dropbox, OneDrive or WeTransfer. If you click on the link in the message, you will land on a website copied from the service in question. The site asks for your name and password from the service in question, or from your Microsoft365 account. 

Here's how to avoid it: Don't give your name and password. Normally you are logged in to these services on your computer all the time. Not sure? Contact your colleague and check whether he or she has sent you a document. 

6. Phishing by smartphone app

How does it work? Fraudsters develop a simple application, but add in the small print that the application must also have access to data in your cloud. You potentially keep your address book (names, phone numbers, email addresses) there. With this data fraudsters can attack your contacts. 

Here's how to avoid it: Only download applications from official services. Look at the reviews before installing the application. If the application asks for access to your personal data, your contacts, your location, check if this access is really necessary for the application to work. 


7. Phishing by pop-up 

How does it work? You are visiting a normal website. Suddenly, a pop-up appears with the message that you need a particular software for your video for example. If you click on it, the software starts downloading. In Malvertising this technique is often used. For more information: 'Malvertising fraud'.  

Here's how to avoid it: Close the window. Sometimes the window does not disappear by clicking on Escape or on the cross in the upper right corner. Close the entire page. 


8. Phishing by search engine

How does it work? Fraudsters build a perfect copy of a well-known company's website. They buy advertising space on Google: every time a user searches for this company, the ad from this fraudulent site will appear. If you type the company's name into Google, the attackers' website will appear at the top of the search results, among the sponsored links

Here's how to avoid it: Google ads are recognisable by the word "Ad" written next to the link. Avoid these ads. Be especially wary of being lured by extra discounts and great offers. If you know the company's web address, just type it into the address bar.  


9. Phishing by bypassing filters

How does it work? Your email and antivirus filters alert you when you click on a suspicious link to open it in your browser . The attacker then makes the link unclickable and asks you to copy and paste the link into your browser. This allows the fraudster to bypass the filters.  

Here's how to avoid it: Don't copy a link you don't trust. 

10. Catphishing 

How does it work? The fraudster creates a fake online profile. Through a dating site, the fraudster tries to contact you and establish a (romantic) relationship. In this way, the fraudsters can use this information in other phishing attacks. Or they can get money from you, pretending to be in love with you. 

Here's how to avoid it: Be suspicious when your contact immediately asks you for very personal information. The fact that your contact postpones a planned meeting until the last minute should also be a red flag. So should pathetic stories about a sudden need for money, a sick family member, ... 


11. Business Email Compromise 

How does it work? Fraudsters first try to find out as much information as possible about a company's CEO through spear phishing. They then target a key person in the finance or accounting department of that company. They pretend to be the CEO, and ask for a payment to be made

Here is how to avoid it: Check that the account number of the payment matches previous payments. Contact the financial manager yourself and ask if the payment order is correct. 


12. The "Nigerian Prince" scam 

How does it work? The fraudster pretends to be the solicitor of a rich deceased person who left you the inheritance.  But before you receive the inheritance you have to provide your bank details...  

Here's how to avoid it: Never give your bank details or account number to strangers. 


What is phishing and how do you protect yourself against it?