Phishing #1: Email Phishing, Baiting and Search Engine Phishing

Email phishing, baiting and search engine phishing - what is it? In this multi-part article, we give a brief introduction to the different variants that are used to deceive users.

Reading time:
3 min
Phishing #1: Email Phishing, Baiting and Search Engine Phishing

The number of phishing attacks increased by 29% in 2021 compared to the previous year, and Germany was the third most attacked country. But what exactly is “phishing”? In phishing, someone poses as a reputable and trustworthy person or company and, by manipulating the victim, achieves that the latter clicks on or opens a file, link or similar. This usually then leads to personal information being stolen or malware being installed.

Email Phishing

A well-known example is “email phishing”. This type of phishing accounts for about 96% of all such attacks. Emails are sent that appear to come from well-known companies. Recognizing such e-mails is usually easy and successful if you check the following characteristics in particular:

  1. Characters are appended to the name of the company, e.g. a dot or an underscore.
  2. If you look at the sender’s address, they are often random characters.
  3. The content of the e-mail does not correspond to classic corporate communication. For example, it consists of a short text, which often contains grammatical and spelling mistakes.


Besides email phishing, there is also “Baiting”. Baiting is a kind of Trojan horse, which means that while you are interacting with the bait, something is happening in the background, such as downloading malware. Baits are usually interesting file names or even offers. This type of attacks targets curious individuals who, at best, are not familiar with the dangers of phishing. To avoid “Baiting”, one should always make sure that the domain one is on is safe and question the characteristics of the file or offer. One should ask oneself questions like:

Search Engine Phishing

As you can tell, phishing is everywhere, which means it’s also in your own browser. “Search Engine Phishing” involves targeting consumers with fake online shopping websites. These shopping websites often appear to coincide with the season, e.g. Christmas, and offer irresistible discounts. One unsuspectingly provides personal information and bank details during the purchase and, in most cases, receives nothing of the purchased goods or a cheaper version. Such fake stores can be recognized quite reliably by some features:

A three-parted overview on E-Mail Phishing, Baiting and Search Engine Phishing. E-Mail Phishing: With 96% the most common form of phishing attacks. Here attackers pose as well-known companies. Usually manipulated URLs are used in an attempt to steal information, such as bank details. Baiting: The target group of this form of phishing are curious individuals. They are being baited with offers or interesting file names. This form of phishing functions like a Trojan horse. Search Engine Phishing: In this form of phishing customers are targeted with fake online shopping websites. These have irresistible discounts and mostly appear during the appropriate season, such as Christmas.
Figure: Summary on E-Mail Phishing, Baiting und Search Engine Phishing

Contact an Expert

Do you have any further questions or need specific help? Write us a message or arrange a meeting directly.

Show more

Get to the blog