What is a common characteristic of phishing attacks?

Phishing attacks are characterized primarily by their deceptive intent to manipulate individuals into disclosing sensitive information, such as usernames, passwords, or financial details. This is often achieved through fraudulent emails or messages that appear to come from legitimate sources, creating a sense of urgency or fear. The goal is to mislead the recipient into taking an action that compromises their personal information.

While some phishing attempts may appear to come from known contacts, this is not a defining characteristic, as attackers can spoof email addresses to make their messages seem legitimate. Similarly, phishing is not a physical attack; it occurs in a digital context primarily through electronic communication channels. The idea that phishing cannot occur through email is incorrect, as email remains one of the most common vectors for such attacks. Therefore, the emphasis on misleading the recipient to provide sensitive information correctly identifies the fundamental nature of phishing attacks.