Definition

Phishing is a fraud technique that impersonates a trusted organisation (bank, telco, well-known brand) to steal sensitive information: credentials, passwords, payment data. It typically uses fraudulent emails and websites that mimic legitimate ones.

Link with brand protection

Phishing is one of the main goals of cybersquatting, typosquatting and combosquatting. A brand repeatedly targeted suffers:

• Loss of customer trust
• Heavy legal and customer support workload
• Risk of data leaks and GDPR fines

Best practices

• Configure SPF, DKIM and DMARC to authenticate emails
• Monitor domain registrations close to your brand
• Set up a takedown workflow with registrars and hosts
• Train customers and employees to spot phishing signals
• Integrate phishing monitoring into overall cybersecurity