What is Phishing?

Phishing is a social engineering attack in which an attacker sends fraudulent messages, typically via email, designed to trick the recipient into revealing sensitive information or clicking a malicious link. Spear phishing targets specific individuals, while whaling targets senior executives. Penetration testing providers often run simulated phishing campaigns to test employee awareness and measure an organisation's susceptibility to these attacks.