What about Spear Phishing

What’s different about Spear Phishing?

/in , /by

In the digital landscape spear phishing has been around for over 20 years, but for about 5 years it has attracted massive attention.

Primarily using email to deliver its malicious payload, spear phishing is a very real and current threat to any business of any size basically because we all use at least one business email address. The golden key to prevent any similar threat is to make sure your staff is fully aware of the signs of such an attack.

Let’s take a deeper look.

Techniques

There are certain techniques hackers use to launch a phishing scam. Here are some of them.

  • They try to deceive employees to disclose sensitive data such as login information for company emails or databases. Find out how to protect your email account from multiple threats.
  • Microsoft Office documents contain macros (pieces of code saved inside a document) that, once activated, allow hackers to gain remote access to any system. Obviously, once hackers get access, they can start adding code to create malicious macros.
  • Hackers include clickable links within emails in the attempt to redirect victims to malicious websites where malware is automatically downloaded to their systems.

Phishing vs. Spear Phishing

A lot of people know what phishing is and many businesses are aware of this threat. However, spear phishing is a bit different.

Hand phishing emails tend to target large numbers of individuals with generic content, but spear phishing is a much more personalized attack. For example, rather than starting an email with “Dear Sir/Madam”, a spear phishing email will use the recipient’s exact name to inspire trust to get him/her closer to taking the malicious bait.

Characteristics of a spear phishing attack

Generally, phishing attacks are executed by experienced hackers, but there are still a bunch of signs which characterize spear phishing such as:

  • A Combination of Threats: To increase the success rate, spear phishing integrates several techniques to deliver their payload which usually includes infected URLs, documents and unauthorized downloads.
  • Multiple Levels of Attack: Spear phishing attacks organizations on several different levels following the initial infection, so further attacks can involve malware downloads, keystroke logging, screenshot capturing etc.
  • Zero Day Vulnerabilities: Spear phishing distinguishes itself by exploiting the numerous vulnerabilities that might arise in apps, plugins, browser extensions etc. Those vulnerabilities are discovered and can be exploited before they are addressed by authorized software developers.

Examples

There are several notorious examples of spear phishing attacks that happened within the last few years. Let’s remember few of them.

In 2016, a Snapchat employee fell victim to a spear phishing scam caused by an email allegedly sent by the Snapchat CEO. Unfortunately, the victim carefully followed the request within the email and forwarded financial information to a spoof email address.

However, probably the most popular example of spear phishing is the attack launched against the US Democratic Party in 2016. You probably remember how Fancy Bear used spear phishing tactics to target email accounts linked to the 2016 presidential campaign. They attacked more than a thousand Google accounts and used a fake domain “accounts-google.com” to mislead the victims. What hackers did was to send emails claiming to be from Google representatives suggesting recipients to update their email passwords to enhance security. Bad luck, because the links within these emails simply led the victims to malicious websites which enabled the hackers to take control of their email accounts.

Eventually

It is crucial to understand how such an attack is likely to be launched against your business. Don’t forget! Knowledge is the golden key of cyber security, so make sure that you educate yourself and your employees to protect sensitive data.

We take cybersecurity very seriously. With Secure.Email we provide complex email protection to defend your business against the latest threats: ransomware, spear-fishing, impersonation and other targeted attacks.