Why is phishing spelt with a ph? What makes spear phishing different? Who’s a potential target?
Spear phishing is a huge concern to organisations around the world. It’s therefore crucial to understand that the evolution of spear phishing, key targets, and best practices to prevent these pervasive attacks.
Many people think that spear phishing is just another term for phishing, but it’s actually a very different type of attack. And while IT may well be familiar with the risks and dangers, your users may not be.
Whereas phishers send emails in bulk to large numbers of people, spear phishers do extensive research before starting their illegal campaigns. They send highly personalised messages to targeted people within an organisation, often relying on impersonation techniques.
For example, they may pretend to be the CEO, CFO, or another trusted executive from within your own organisation. Because of the economics, spear phishers are willing to invest a significant amount of time and effort in targeting a particular person, engaging in conversation through multiple emails to build trust. The aim is to get the victim to do something that benefits the spear phisher, such as wire transfer funds into the criminal’s account. Often the victim has no idea they have been tricked as they believe they have transferred funds to pay a legitimate bill—making it even harder to get the lost funds back.
How can I find out more?
Read Barracuda’s white paper on the subject, The Evolution of Spear Phishing. It’s something that all businesses must take seriously—attacks so far total almost £4Bn. In it you’ll learn all about spear phishing, and most critically, how to stay safe.
As Barracuda Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.
To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.