Phishing
Phishing emails will usually ask you to do one of the following:
Open an attachment or file (will pose as an invoice, brochure, picture of Miley Cyrus, etc.)
Follow a deceptive link (amazon.store.com is not amazon.com)
Install malicious software
Give-up personal information (bank account information, username/password, your favorite brand of toilet paper)
Follow malicious instructions
Types of Phishing Attacks
Phishing - A method used by cyber-criminals for stealing something from individual email users.
If you have an email address -- they will email you.
This usually has a low rate of success as it greatly depends on its relevance to you (if you actually have a PayPal account, Twitter account, bank at whatever financial institution). Obviously, if you don't have a Dropbox account, never heard of Dropbox, or prefer cardboard box... then it's safe to say the email you just got was a phishing attempt.
SPIM - (Not to be confused with SPAM - the wholesome meat based "food") is when scammers utilize SMS and instant messaging to contact their targets.
Click here to claim your prize!!! -- Oops! You must log-in with your Facebook account first (we've conveniently provided this totally-not-suspicious log-in box)
Vishing - is a technique where cyber-criminals try to scam a target using phone calls.
I'll let you in on a little secret... As 'wonderful' as Microsoft is -- they will not be calling you about your slow PC. They're busy breaking it with Windows updates.
Don't panic! The robotic sounding voice on the line is not actually the IRS threatening to send the Sheriff's department to your house to sell you an extended car warranty.
Advanced_Fee_Scam (AKA the Nigerian 419 scam) - The attacker will contact a target and claim to be looking for help moving a large sum of money. The attacker will usually claim to be in distress and play to a victim's empathetic side(if you have sociopathic tendencies feel free to skip this section)
The scam usually plays out with a wealthy Nigerian businessman or Prince who is in desperate need of your help -- I mean, who else would they contact?
Once they build their victim's confidence (ahem.. promise them a boat-load of money) they will usually ask for banking information or up-front money to help move their 'fortune'.
Then the victim ends up super rich, buys a Ferrari, and spends their days relaxing in the Caribbean... er, actually the scammer disappears and takes your money.
Cat_Phishing - is where a cyber-criminal will develop a trusting relationship (by creating a fake online persona) which they'll leverage to exploit their victim for money or other favors.
As exciting as it would be... Beyonce is NOT leaving Jay-Z to live with you in your parents' basement.
Ever wonder why your online love interest never calls you? Usually it's hard for middle-aged Russian men to sound like 21-year old Swedish super-models... just sayin'.
Pharming (this Ph- thing is trendy) - is a technique where a cyber-criminal will author a fake/replica website (copy of a legit site) to steal a victim's credentials.
The link in your email with the text "DefinitelyYourBank.com" actually leads to the URL "Def1n1telyY0urBank.net" and entering your credentials will probably not "Fix the issues with your account immediately".
Other greatest hits include: Fake Facebook login, replica PayPal login, illegitimate Amazon login, etc.
Essentially, never log-in to any websites through an email unless you requested it -- just go to the website.