Threat Awareness: Spear Phishing

What is spear phishing?

Spear phishing is a type of fraudulent or malicious email where the recipient is targeted in some way. The sender or attacker's intent is to gain a foothold into obtaining unauthorized access to sensitive data. It is different from a phishing scams in that the target is very specific such as an individual, a group or organization spear phishing hones in on a specific group or organization. The intent is to steal confidential data.

How does spear phishing work?

An email is sent from a malicious sender. The email usually appears from a trustworthy source. The more convincing the email, the more likely the attacker's email will succeed in convincing the recipient to act on it. Spear phishing can also employ specially designed web sites as part of the ruse of the attack to further convince a victim of the authenticity of the attacker's email.

There are many occasions where these spear phishing campaigns are sponsored by organized government or criminal groups. Cybercriminals may also act with the intention to resell the information they gather to the highest bidder. In either case, attackers will employ special techniques to effectively personalize messages and websites.

Spear phishing is a very effective tool in an attacker's arsenal for harvesting sensitive information. Recent research has shown that one in five people fall victim to a spear phishing attack.

How to Stop It?

Often a business's security control's are unable to stop these attacks because they are so well designed and targeted. As a result, they are difficult to detect. The mistake of one employee can have serious consequences for organizations. Often, businesses are one email away from a successful compromise. An attacker can reveal sensitive information, blackmail executives, and commit various acts of espionage. In addition, spear phishing attacks can deploy malware to compromise computers for their own use. Once a network has been compromised, businesses may not know for months or even years that they have been compromised allowing the attacker to steal at their leisure for a long time.

To help fight spear phishing scams, employees need to be aware of the threats, such as the possibility of bogus emails landing in their inbox, how to identify them and what to do if they suspect that they are a target and even what to do if they may have been fooled into acting on the malicious email. Besides end user education, technology that focuses on email security is necessary. Organizations need to ensure that antivirus, applications and operating systems are kept up to date. Furthermore, restricting access to potentially malicious sites is also recommended as well as ensuring their networks are properly segmented to help limit the effectiveness of and monitor for a successful attack.

Comments to this discussion are now closed!