How to avoid Spear Phising?27/06/2019
Phishing is not too unfamiliar to may people nowadays but Spear Phishing is a more sophisticated way of fraud, usually target a particular individual in organizations and the success rate is higher than normal fraud.
Generally, Phishing is a fraudulent attempt of hackers to steal sensitive information of victims. There are many different types such as Tabnabbing, Whaling, Tabjacking, Vishing and Smishing, especially Spear Phishing. According to research by Trend Micro, there are 91% of target attacks using Spear Phishing Email.
What is Spear Phishing?
Spear Phishing is a method which hackers use to target and make victims think that they received a legal email from a familiar entity that they often exchange information. Thereby, victims won’t have any protection and easily fulfill the fake email’s demand.
For example, an enterprise with a domain named abc.com with and subdomain something.abc.com. This allows hackers to create an ID email named email@example.com, make users think that this email is related to the organization abc.com.
Obviously, users’ activities on the Internet are spied closely by the hacker. Just a moment of neglection, hackers will easily approach and wait for the right opportunity to attack. In other word, purposeful attacks using Spear Phishing are very often. Frauds are shifting rapidly from normal attacks on a large scale to small Spear Phishing attacks but with particular targets and more effective.
Spear Phishing increases both in frequency and sophistication
Spear Phishing always “lurks” around us
A successful Spear Phishing attack can make the hacker millions of dollars. One of the most famous data breaches with fraudulent attempt happened with Anthem, a health insurance company. They had to pay 115 million dollars for a class action lawsuit. They were accused of the data breach and allowing access to more than 78 million healthcare profiles.
When talking about Spear Phishing, the fraud that cost millions of dollars of RSA, the company which is in charge of cybersecurity for EMC, can’t be mentioned. The incident happened as follow, a hacker sent 2 emails attached with an excel file named Recruitment Plan. Although both emails were filtered and sent to spam, some staff were curious and opened the file, helping the malware spread and attacked users. After that, they can steal employees’ information by using sophisticated strategies. Even a security company can be scammed, imagine what will happen to email users and enterprises that didn’t equip security solutions.
Protection from Spear Phishing
In the past few years, security researchers have warned to be highly alert to such threats like Spear Phishing. That is why enterprises should focus on prevention, using security technology to filter emails like Receive GUARD.
Additionally, they also have to train and improve the knowledge of cyber security for staff. Basically, users should confine to sharing personal information on the Internet and be highly alert to emails that require providing information, that is the best way to protect oneself against types of attacks in general and Spear Phishing in particular.
Vnetwork Joint Stock Company
+84 28 7306 8789
Need more information?