Education • Practice • Confidence

What is Phishing?

Phishing is when attackers impersonate trusted sources to trick you into giving up passwords, personal info, or money. It happens through email, texts, phone calls, fake websites, social media, and even physical mail.

Start Training What To Do Next

Learn the red flags fast

Phishing = impersonation + pressure + a risky action. If the message pushes you to click, call, or pay, slow down and verify.

Why phishing works

Phishing works because it targets human trust — not technology. Scammers use urgency, fear, or temptation to push quick decisions.

Urgency & pressure

“Act now” / “final notice” / “account locked.”

Impersonation

Banks, delivery companies, coworkers, law enforcement.

A trap action

A link, QR code, attachment, phone number, or payment request.

The payoff

Stolen logins, identity info, money, or access to accounts.

Common red flags

Unexpected message demanding action
Threats, fear, or “you’ll be arrested” language
Link text doesn’t match the destination (hover reveals a different domain)
Requests for passwords, codes, or personal data
Payment requests via gift cards, crypto, wire, or “untraceable” methods
Sender domain is slightly off (extra letters, odd TLD, or random subdomain)

Quick rule

If it creates urgency and asks you to click, call, or pay — pause and verify.

Phishing Facts & Statistics

A quick snapshot of why awareness training matters.

Snapshot

Millions

of people report scams each year

Attackers play a numbers game — volume creates victims.

National cybercrime reporting

Top threat

phishing fuels many account takeovers

Stealing logins is often step one of bigger fraud.

Industry + incident trends

Billions

in losses are reported annually

Small losses add up fast — and big losses do happen.

National cybercrime reporting

Every day

email delivers scam links and malware

It’s cheap, fast, and still works — especially at scale.

Industry reporting

Rising

SMS and text-based scams keep growing

Texts feel personal — and people act faster on phones.

Consumer + carrier trends

Still works

calls and voice pressure tactics catch victims

A confident voice can override doubt in seconds.

Consumer reports

These stats reflect nationally reported cybercrime trends. We keep this “snapshot” high-level so it stays accurate even as yearly reports update.

Common phishing methods

Phishing isn’t just email — it shows up wherever people communicate and pay. Train the method you see most.

Email phishing

Spoofed emails that push you to click a link, open an attachment, or “verify” your account.

Train this Learn more

Smishing (SMS)

Texts about deliveries, banking, job offers, or “prizes” with malicious links or phone numbers.

Train this Learn more

Vishing (phone)

Calls impersonating tech support, government, banks, or executives to pressure you into action.

Train this Learn more

Fake websites

Look-alike login or checkout pages designed to steal usernames, passwords, or payment info.

Train this Learn more

Social & ad scams

Fake ads, posts, and DMs that lead to malicious sites or direct payment scams.

Train this Learn more

Why GonePhishing exists

GonePhishing was created to educate and empower everyone to recognize and report scams before they cause harm. Through real examples, true stories, and interactive training, we help people build safer habits — fast.

Start Phishing Training