11 Types of Phishing Attacks

1. Spear Phishing

Spear phishing is an email or electronic communications scam targeted towards a specific individual, organisation, or business. It is a malicious tactic utilising emails, social media, instant messaging, and other platforms to get users to share personal information or perform actions that can cause network/system compromises or data/financial loss. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware or ransomware on a targeted user’s device.

Typically, spear phishing is used in targeted attack campaigns to gain access to an individual’s account or impersonate a specific individual, such as a ranking official or those involved in confidential processes within the company.

2. Whaling

A whaling attack is a method used by cybercriminals to masquerade as a senior official within an organisation and directly target other ranking or important individuals. The aim of whaling attacks is typically to steal money, gather sensitive information, or gain access to their computer systems for criminal purposes.

Also known as CEO fraud, whaling is similar to regular phishing attacks in that it uses methods such as email and website spoofing to trick targets into performing specific actions, such as revealing sensitive information or transferring funds.

Cybercriminals specifically choose to impersonate someone with senior or influential roles within the organisation. Think of them as the ‘big phish’ or ‘whales’ of the company (i.e., CEO or finance managers). Impersonating people in these roles adds an extra element of social engineering, as staff may be reluctant to refuse a request from someone they deem to be important.

3. Vishing

Voice phishing (shortened to ‘vishing’) is a form of phishing that uses phones to steal confidential information. Vishing relies on convincing victims they are doing the right thing by responding to the caller. Often the scammer will pretend to be calling from the government, tax department, police or the victim’s bank.

Using threats and persuasive language, cyber criminals will make their victims feel like they have no other option but to provide the information requested. Some scammers will use forceful language that suggests they are helping the victim avoid criminal charges, while other scare tactics involve leaving threatening voicemails requesting the victim call back immediately or risk arrest, loss of funds, or worse.

The cybercriminal may ask for bank account information, credit card details, mailing addresses, tax information, or medical records. They may also ask the victim to take action by transferring funds, emailing confidential work documents, or providing details about their employer.

Once the criminal has obtained this information, they may drain the victim’s bank account, commit identity theft, use the victim’s credit card to make unauthorised purchases, or access their email accounts to trick the victim’s colleagues into giving up confidential information.

4. Smishing

SMS phishing (also known as text phishing, or ‘smishing’) is a phishing attack carried out over mobile text messaging. Victims are deceived into giving sensitive information to a disguised attacker. It occurs across many mobile messaging platforms, including non-SMS channels like WhatsApp, Facebook, Instagram or other data-based mobile messaging apps.

Cybercriminals manipulate a victim’s decision-making through three driving factors:

Trust: by masquerading as a legitimate individual or organisations, cybercriminals lower their target’s scepticism.
Context: cybercriminals use a situation could be relevant to targets allows them to build an effective disguise. The message feels personalised, which helps it override any suspicion that it may be spam.
Emotion: by heightening a target’s emotions, attackers can override their target’s critical thinking and spur them into rapid action.

5. Angler Phishing

Angler phishing is a recent type of cyberattack that targets social media users. People disguise themselves as a customer service agent on social media in order to reach a disgruntled customer and obtain personal information or account credentials.

Fake accounts will answer people are airing complaints on social media, and will disguise themselves under a user handle or profile that includes the name of the financial institution with the hopes that upset victims won’t realise they are not a valid account.

Once they have baited their disgruntled victim, the fake account will offer a link they claim will take the victim directly to an agent to talk to them. However, that link will either install malware onto their computer, or lead them to a fake website that will try get information and money from them.

6. Pharming

Pharming is a type of cyberattack in which criminals redirect internet users trying to reach a specific website to a different, fake site. These fake (or ‘spoofed’) websites aim to capture a victim’s personally identifiable information (PII) and login credentials, such as passwords, social security numbers, account numbers and so on, or else they attempt to install pharming malware on their computer. Pharmers often target websites in the financial sector, including banks, online payment platforms, or ecommerce sites, usually with identity theft as their ultimate objective.

7. Pop-up Phishing

Pop-up phishing involves using fraudulent messages that pop up for users when they are surfing the web. Cybercriminals infect legitimate or otherwise trustworthy websites with malicious code that enables these pop-up messages to appear when people visit the website.

Often, these messages warn unsuspecting website visitors about the security of their computer and will prompt the visitor to either download a tool (such as an antivirus application) which is in fact malware, or to call a fraudulent number for support.

Example of successful pop-up phishing:

A potential victim was browsing the internet on his MacBook Pro, when he encountered a pop-up message alerting him to a problem with his computer. The scammers behind the pop-up provided a phone number to call for support.

The cybercriminal disguised as an ‘Apple support representative’ prompted the user to establish a remote connection so the ‘representative’ could diagnose the issue. The scammer showed the user his AppleCare had expired and required renewal for $499 and navigated the victim to a webpage requesting his credit card number for AppleCare renewal.

8. Clone Phishing

Clone phishing refers to an email that has been cloned from an original message sent by an authentic organisation. The cloned email appears to be legitimate and can trick the user into giving up information.

Clone phishing has evolved into a cyber threat that is often targeted at high-profile people such as individuals working in politics, banks, or large enterprises because clone phishing offers a way for attackers to extract sensitive, financial, confidential, or sensitive information.

Some clone phishing messages appear to be sent by a real person at the company the target works for or is involved with and is accompanied by copy and pasted content and information from a genuine message, with links or attachments that have been replaced by malware or fake website. Other spoofed emails include attachments claiming to contain important information such as invoices or shipping notices. Often, these attachments will contain malware or ransomware that compromise the victim’s device.

9. Evil Twin Phishing

An evil twin attack is a form of cyberattack that tricks a victim into connecting to a fake Wi-Fi access point that mimics a legitimate network. It is the wireless version of common phishing attacks. Once a user is connected to the ‘evil twin’ network, cybercriminals can inject malware or access the victim’s network traffic, sensitive data, and private login credentials.

The danger in evil twin attacks is that victims are often not aware they have been targeted by an evil twin attack because, for all intents and purposes, it feels no different from connecting to any other Wi-Fi network. The main difference is that once they have connected, everything they do online can be tracked and even controlled by the cybercriminal. If the victim logs into an unsecured bank or email account, the cybercriminal is able to intercept the login details and transactions.

Once the cybercriminal has identified a Wi-Fi network or hotspot to spoof, they will create a counterfeit wireless access point with the same name, one that closely resembled it or a name that could tempt users (e.g., Free Wi-Fi). Open networks are a prime target as users can connect automatically with requiring a password.

10. Watering Hole Phishing

Watering hole attacks compromise users within a specific industry by infecting websites they typically visit and luring them to a malicious site. Watering hole attacks are also known as strategic website compromise attacks.

Cybercriminals attempting attacks for financial or gain or to build their botnet can achieve this by compromising popular consumer websites. They will look for a known vulnerability in the website, compromise the site, and infect it with their malware before they lie in wait for baited users.

On top of this, attackers will prompt victims to visit the sites by sending them seemingly harmless and highly contextual emails directing them to specific parts of the compromised website. Often these emails seem completely legitimate, as they are sent through the website’s automatic email notifications and newsletters that go out to their client or subscription base.

As with most cyberattacks, the user’s machine may be compromised by a drive-by-download that provides no clues to the victim that their machine has been attacked and compromised by the site.

11. HTTPS Phishing

HTTPS phishing refers to the landing page or watering hole site that a user arrives at. SSL certificates have in the past been a way to ‘prove’ that a website is trustworthy. However, now it has become relatively easy for scammers to encrypt SSL on their fake or spoofed websites. Cybercriminals can now get their own SSL certificates to secure pages used in their phishing campaigns, and can often do so without having to reveal much information about who they really are. Other criminals may abuse pages hosted on cloud services, which sometimes allow them to automatically inherit the security certificate.

eStorm Service Centre

4.6

Based on 120 reviews

review us on

Gary Fraser

01:10 11 Sep 24

Four weeks ago, I took my cracked iPad to this store for repair. The employee behind the counter informed me that because I did not have AppleCare, Apple does not fix iPads but rather replaces them entirely. He advised me to take it to an unauthorized repair shop, despite me explaining that the iPad was less than 12 months old. He insisted that Apple would not fix it.I followed his advice and had the iPad repaired elsewhere. However, it has now stopped charging. When I returned to your store, I was told that because someone had previously opened the device, this store could no longer assist with the repair. The first employee failed to inform me about this critical detail.As a result, I’m now stuck with a $1,300 device that doesn’t work. I feel misled and frustrated by the lack of proper guidance from the staff

Priscilla Parata-Reeves

00:58 03 Sep 24

Top notch customer service ,fast, reliable and trustworthy!My daughter cracked her iPhone 15 front screen! Luckily the phone was only 3 weeks old and eligible for apple care+! Dallas did an excellent job. Left the phone with him at around 9am and picked up at 10:30am !!!!!Also so convenient as I don’t have to drive out of spring field to get the repair done- saving me travel time and money!!!!!Will be going back in the future.Happy customer.

Bob Dix

21:19 26 Aug 24

Lachlan Fothergill

01:41 25 Jul 24

Very professional at handling airpods repair

Adele Rankin

03:56 19 Jul 24

Exceptional service.

Beatrice Ndebele

07:36 22 Sep 22

Fantastic service, was referred by Apple after MacBook developed a dark screen and wouldn’t turn off. I was informed of possibility to pay for diagnostic fee and expect to leave it for a fee days. I found the gentlemen friendly and accommodating. The service was prompt, fair subsequent charges. My MacBook had storage issues, I got a new laptop and they helped transferring my data. I will certainly be going back to them in future and I strongly recommend these professionals to anyone having issues with their devices.

julie farrell

06:28 02 Sep 22

2 nd time I have used this service. Needed new battery for my iphone 6 s in 2020. Then 2022 had a battery replaced in my iphone 7. Both times have been brilliant. Such a smooth and well organised service. The fellas at the counter on every occassion have been very patient and helpful. Thanks again, highly recommended

Gary wylie

09:28 01 Sep 22

Quick service. Reasonable pricing .Would recommend for apple repairs

Joel Berry

10:08 23 Aug 22

Awesome service, with a quick turn over. Genuine apple product dealers, most issues under warranty and or insurance will be covered free of charge or for a small cost.Highly recommended.

John Florez

00:27 11 Jul 22

Very knowledgeable, friendly and 100% helpful. They explained all the options and their pros and cons to improve my iMac's performance. My computer is now running much faster with these upgrades. Great Work! Highly recommended!

Melissa Moana

05:16 13 Jun 22

i had no idea they were here awesome service way better than having to travel to carindale

Desiree S

07:52 27 May 22

I discovered this apple repairer by chance and now I recommend them to everyone. Great service and reasonable prices.

Emily Martin

04:45 22 Feb 22

Dropped my MacBook in just shy of 3 years old with a battery issue. The team were very prompt in email response and with the computer. Dropped Saturday, said it would be ready Wednesday. To my surprise it was ready today (Tuesday) a whole day early. Even better they covered the replacement of the battery under warranty. Highly recommended!

Kyle PM

07:59 01 Feb 22

Great and easy service. Much simpler to deal with than an Apple store for repairs. As an IT professional, will definitely be back if a staff member breaks their phone. (Let's be honest, they will).

Ricardo Sé Cestari

23:30 02 Jun 20

Good professional service. Job well done and in a better than expected timeframe.

Kathryn Chee

06:38 15 May 20

Phone came back good as new after a nasty cracked screen. Service was efficient although I did have to come back 24hours later as they didn’t have my colour iphone Instock - so maybe call ahead the day before if you want same day screen repair?

Stevan Kostantinovic

23:01 05 May 20

Very helpful and professional staff as they are Apple certified and did a great job replacing my sisters broken macbook pro screen.Always remember, you get what you pay for.

Ivan ZiHao Tan

10:12 29 Apr 20

Effective and honest! It’s a nice and not busy place to get your IT stuff fixed. It is a bit out of the way but if you’re around west side, just go there. Traffic is smooth too!

Oliver Baumeister

21:38 06 Mar 20

Good service, quick repair of my MacBook Pro under warranty. 3 days to replace ‘top case’ (keyboard, trackpad, etc). Very satisfied.

Bradley Witham

01:43 03 Feb 20

Great shop. Highly recommended. Professional and very helpful staff. Did a great job for me. Will be back for sure - even though it’s over 1hr drive from my home!

Evan g

01:49 07 Jan 20

Friendly and knowledgeable staff coupled with quick service even during a busy period.

Jaidyn Somerville

22:59 01 Nov 19

Quick and professional service, I was told my MacBook would be ready in 2/3 business days and received a text to confirm it was ready two days later. Kept me informed with updates too. Defiently recommend these guys.

Mike C

09:09 23 Oct 19

Friendly, professional staff. Perfect job replacing Macbook keyboard and screen, all with a very quick turnaround. Best Apple experience yet - highly recommended.

Mark Schulz

01:15 04 Sep 19

My second time using the service - first for an iPhone battery replacement and this time to replace the battery in a Macbook Air. Service is great. Will continue to use them into the future.

Jason O'Connor

01:25 28 Aug 19

What a terrible experience dealing with eStorm in Springfield Lakes. After spending an hour on live chat with Apple last night they said that there was an issue with phone and to take it to one of their retail stores or to an authorised service centre. The closest to us was eStrom Service Centre in Springfield Lakes. We were booked in there by Apple who were 100% aware of the phone being out of warranty but due to the issue they were happy for it to be taken in. When my wife got there she was greeted by someone called Dallas who then proceeded to ask her for $40 as a diagnosis fee. At no stage were we made aware that there would be a fee even though Apple were aware of the phone being out of warranty. When my wife made him aware of that he said that it was their policy and there was nothing they could do about it. My wife turned around and walked out. I called to ask what the story was and Dallas said exactly what I have written above. No consideration about the fee, it was internal policy and not their problem that Apple didn't tell us about it. So disappointed at this experience and will never be using them again or would ever recommend them to anyone.

Kelley Knudsen

07:58 16 Aug 19

Great customer service, professional and polite, great results and fast turnaround!

Theticus _

00:08 30 Jul 19

Great service for Apple repair

Michael Bischa

03:27 31 May 19

Great service, let us know our options up front, found the solution and ordered parts in and completed the job in just 48 hours to get am important computer back up running. They are great!

Rob & Rebecca Ketelaars

19:43 20 May 19

Friendly staff. Fast service. Replaced the battery in my iPhone 6 in about 1.5 hours while I was shopping at Orion just across the road. Perfect.

Valentin Despa

08:33 09 May 19

Very professional, friendly and fast. I liked a lot that you get text messages with the status of your job. Thank you guys!

Anthony

05:33 05 Feb 19

Staff was very friendly and professional, only took 2 business days for my keyboard to be repaired; excellent service and absolutely no hassle.

Kazi Nazmul Haque Shezan

00:46 01 Dec 18

Just awesome experience. My apple watch 4 was not charging. I got a new apple watch in 3 days. They are very fast at resolving problem. The staffs are very helpfull

Helena Stibbard

23:12 11 Sep 18

Exceptional service; Explained everything and was very helpful with advice for backing up files; MacBook Pro full keyboard replacement done in 2 days; very little downtime which was really appreciated. Highly Recommended

Tom Parke

11:41 05 Sep 18

This is an easy five stars. I came into the store, explained my issue (I needed to have the entire screen of my laptop replaced). They told me they'd need to order in some parts, and the entire repair was finished in less than 24 hours. Superb team.

Sam D

22:38 19 Apr 18

I took my MacBook Pro in to get the screen diagnosed and replaced through apple warrenty, it was completed very quickly and estorm did an excellent job. It was so much easier going to estorm over an apple shop, no wait time, plenty of appointment times and no pushing your way through noisy crowds. Will definitely be going back to them for any issues. Thanks!

James C

02:50 22 Mar 18

Liam Sorensen

21:18 31 Jan 18

Excellent service and very professional atmosphere. I had a couple of apple devices that needed fixing and to my surprise were covered under warranty and were replaced free of charge!! The team there are an awesome crew very welcoming and very understanding.Look forward to requiring your service again.

Dallas Rankin

01:20 17 Oct 17

Wade

04:43 16 Oct 17

See All Reviews