Personal information theft (names, addresses, or social security numbers).
A redirect to suspicious websites that host phishing landing pages.
Manipulation to take immediate action (by incorporating threats, fear in a phishing scam).
Vishing and smishing. These phishing campaigns follow-up an email with a fraudulent phone call or SMS/text messaging. An attacker pressures a victim to click on the phishy email in real time. This encourages the target to click the email and activates the virus.
Baiting. Puts something desirable in front of targets to coax them into the social engineering trap. A simple example: Handing out free USB drives to employees that, once loaded, activate malicious software.
Evil twin. This type of attack uses a fake Wi-Fi hotspot that looks legitimate but can intercept data during transfer. This approach makes it easy to collect confidential data that is transferred during the connection.
Scareware. Fraudsters create pop-up banners with a security warning. This kind of attack plays on human fears and lures you into visiting malicious websites.