However you get your news, by now you have seen the term 'phishing' used to describe ways to exploit people on the Internet. You or someone you know may have been the target of a phishing attack. At UMBC, the Division of Information Technology (DoIT) saw a surge in various types of phishing attacks since the start of the lockdown in the sprint of 2020.
The term 'phishing' refers to attempts to gather personal or otherwise sensitive information from a victim. The information is usually specific and, if possible, unique enough to serve as identification for the victim. This includes obvious things like social security numbers, phone numbers, and online account passwords. It may also include less obvious information, such as birthdays, the names of family members, or even the name of the victim's old high school.
Area 1 Security has published a report based on "over 31 million threats discovered from May 1, 2020 to April 30, 2021" that describes the different types of phishing and provides some guidance in guarding against them.
The report is not long. We strongly encourage you to look at pp. 17-18, the report's Recommendation section. While it is addressing IT support groups, most of the advice can be useful to individuals as well.