FraudScope // Threat Library // What is phishing
Phishing // Overview
What is phishing?
Phishing is any message that impersonates a trusted source to trick you into giving up a password, a payment, or personal data. It arrives by email, text, call, and more. Here is how it works and how to recognize it across every channel.
What it is
Impersonation at scale
Phishing is social engineering delivered as a message. The attacker pretends to be your bank, a delivery service, an employer, or a government agency, and pushes you toward an action: click a link, log in, pay, or share information.
It works because it borrows trust. The message looks like it comes from a source you already rely on, and it usually adds urgency so you act before you verify.
The family
Phishing by channel
Phishing has a name for each delivery method. The goal is the same, only the channel changes.
| Channel | Name | Typical lure |
|---|---|---|
| Email phishing | Account alerts, invoices, shared documents | |
| Text message | Smishing | Delivery notices, bank alerts, prize wins |
| Phone call | Vishing | Fraud department, tech support, government threats |
| Targeted | Spear phishing | Personalized messages aimed at you specifically |
| QR code | Quishing | Codes that lead to fake payment or login pages |
Red flags
Signs of a phishing message
- Urgency or threats: act now or lose access, money, or your account.
- A link to a domain that does not exactly match the real organization.
- Requests for passwords, one-time codes, payment, or personal data.
- A greeting and tone that feel slightly off, or unexpected contact.
- A sender address or phone number that does not match the brand.
How FraudScope helps
One tool for every channel
Paste a suspicious email, text, or call transcript, or share a screenshot, and FraudScope explains the phishing attempt: who it impersonates, what it wants, and the exact words that reveal it. For links, URL Deep Inspection (a Pro feature) shows the true destination.
Analysis runs entirely on your iPhone and makes no network requests. The only time FraudScope touches the internet is if you tap Inspect URL to check where a link really goes, and it tells you before it does.
Questions
Frequently asked
What is the difference between phishing, smishing, and vishing?
They are the same kind of attack on different channels. Phishing usually refers to email, smishing is phishing by text message, and vishing is phishing by voice call. The tactics, impersonation, urgency, and a request to act, are shared.
What should I do if I receive a phishing message?
Do not click links, reply, or call the number provided. Verify independently through the organization’s official app or website. Report the message, and if you entered any credentials, change those passwords and enable two-factor authentication.
Does FraudScope send my messages anywhere?
No. Analysis runs entirely on your iPhone with no network connection. The only time it contacts the internet is if you choose to inspect a link’s destination, and it tells you before it does.
Will FraudScope catch every scam?
No tool can. FraudScope is strongest with the full content of a message and weaker with a bare screenshot that has no link or sender. It is a powerful second opinion, not a guarantee. When in doubt, slow down and check with someone you trust.
Read the scam before it reads you
FraudScope explains what a suspicious message is really trying to do, entirely on your iPhone. Now available on the App Store.