Spear Phishing

A lot of cyber attacks don’t target specific individuals. They are usually attacks of opportunity with the goal to steal as much data as possible or gain access to a large number of systems. Although they may not be the majority, a targeted attack is still a major risk. these more specific hacks often target business leaders, CEO’s, and government officials. One type of targeted attack  used is referred to as “spearphishing”.

Spearphishing is an attack that uses email. Much like traditional phishing scams the email usually appears to come from a trustworthy sender or organization and tricks a user into clicking a link or downloading a file that infects the victims computer with malware. But unlike traditional phishing, spearphishing uses emails and websites that are customized specifically for the targeted victim. Appearing as totally legitimate to anyone unsuspecting. Whats worse is due to their customized nature these attacks are usually not caught with traditional online security systems like spam filters or anti-viruses which use databases of known malware and spam for detection.

There is no easy solution to spearphishing. Right now the best defense is employee education. More specifically education with the executives and upper level management who are most likely to be targets of these types of attacks. 

Written by: James Sheehy

.

#cybertips #cybersecurity #cybernews #cyberaware #cybercrime #ai #spearfishing #email #crime #infosec #dysp #tampa #tampabusiness #womenintech #barracuda #mimecast #proofpoint 

Leave a Reply