| Attack types | References | Description |
| Phishing | [2] [3] [4] [7] [10] [11] [12] [13] [17] [18] | In Phishing, the attacker tries to gain access to confidential information using electronic communication. It is mainly done via emails spoofing. Usually, the victim gets an email from the attackers that appear to come from a legitimate source (like a fellow employee, Credit Card Company, bank etc.) requesting information like social security numbers, bank account number etc. |
| Baiting | [2] [3] [4] [7] [10] [11] [12] [13] | In this attack, physical medium is used instead of electronic medium like delivery of infected USB drives to employees or leaving physical devices containing malware in a public place to be found by the victim. |