Phishing attempts are especially common around the holidays, so be sure to watch out for the signs. However, phishing attempts are becoming more sophisticated. The latest method? Spear Phishing. What is it and why should you worry?
Spear Phishing is an attack attempt where the emails are sent to specific and well-researched targets purporting to be from somebody they trust. Regular phishing campaigns will generally go after a large numbers of targets with the hope of getting a few. Spear phishing is specifically targeted at individuals meant to cause the most damage with carefully crafted emails.
Spear Phishers attack with a goal of penetrating an organization. They’ll research an organization to gather all the information they can. Using publicly available information from the company Web site and social media sites like LinkedIn, they’ll dig up all they can about a company, its employees and their roles. Sometimes attackers will social engineer their way into an organization.
The attacks are much more complicated and targeted. A regular phishing campaign might involve generic fake log in pages or banking web site scams. A Spear Phishing campaign will be more targeted, referring to specific programs or documents that the company may use, based on the research gathered during reconnaissance.
The biggest key is that the emails appear to come from somebody within the company. The “From” portion of the email address is often spoofed to make it look like it’s from the CEO of a company, for example.
So if you have a role within a company that allows you to make purchase on the company’s behalf or access financial, and you suddenly get an email from your boss asking you to wire transfer a bunch of money or purchase a bunch of items on their behalf (iTunes cards are popular), be wary. If you’re in HR and you’re suddenly asked to redirect payroll to a different account, be wary.
Verbal communication is the key to confirming these kinds of emails. Also look out for terminology and wording that your emailer never uses or isn’t localized to your region. If you get a file that when you open it requires macros to be enabled, you should obviously avoid those.
Like regular phishing, filters and malware and ant-virus protection will help protect you from these attacks. You can also tag your emails that look like they come from internal emails and users but actually originated from outside your network or email services (which is something we’re rolling out on our CompleteCare clients’ email setups).
If you still need help deciphering whether an email is legitimate or not, this infographic might help:
If you want to know more about how Weston helps protect your environment and can help to prevent these kind of attacks, contact us today.