Phishing is defined as a form of social engineering which attempts to acquire sensitive information or data (such as usernames, passwords, email addresses, account numbers, and One-Time Passwords, etc.) through fraudulent means. The pandemic pushed us to bank online to make transactions more convenient throughout prolonged lockdowns. Since then, phishers have become more creative, and continue to find innovative ways to trick people into clicking links or buttons and divulging confidential information.
Before presenting the steps that phishers take to maliciously acquire data, one fact needs to be underscored: contrary to the stereotype that movies often romanticize, phishers are not necessarily socially awkward hackers that spend their entire day in front of a computer. Moreover, they do not use complicated programs or devices to manipulate bank records. Phishers are all about efficiency, thus, their preferred method is to trick their victims into unwittingly giving them the information they need. That said, phishers use psychology to make us give up our personal and financial information that will allow them access to our accounts.