What is spear phishing?
Spear phishing is a type of fraudulent or malicious email where the recipient is targeted in some way. The sender or attacker's intent is to gain a foothold into obtaining unauthorized access to sensitive data. It is different from a phishing scams in that the target is very specific such as an individual, a group or organization spear phishing hones in on a specific group or organization. The intent is to steal confidential data.
How does spear phishing work?
An email is sent from a malicious sender. The email usually appears from a trustworthy source. The more convincing the email, the more likely the attacker's email will succeed in convincing the recipient to act on it. Spear phishing can also employ specially designed web sites as part of the ruse of the attack to further convince a victim of the authenticity of the attacker's email.
There are many occasions where these spear phishing campaigns are sponsored by organized government or criminal groups. Cybercriminals may also act with the intention to resell the information they gather to the highest bidder. In either case, attackers will employ special techniques to effectively personalize messages and websites.
Spear phishing is a very effective tool in an attacker's arsenal for harvesting sensitive information. Recent research has shown that one in five people fall victim to a spear phishing attack.
How to Stop It?
To help fight spear phishing scams, employees need to be aware of the threats, such as the possibility of bogus emails landing in their inbox, how to identify them and what to do if they suspect that they are a target and even what to do if they may have been fooled into acting on the malicious email. Besides end user education, technology that focuses on email security is necessary. Organizations need to ensure that antivirus, applications and operating systems are kept up to date. Furthermore, restricting access to potentially malicious sites is also recommended as well as ensuring their networks are properly segmented to help limit the effectiveness of and monitor for a successful attack.