Spear Phishing

What is Spear Phishing and how is it different from traditional spam

Malware and phishing schemes have been around as long as information has been flying around the internet.  As more of our businesses and lives have made their way online, cyber criminals have seen the value in more complex and targeted attacks to get at your information.  As we have seen in the last couple years with crypto viruses popping up, keeping your business and personal data safe is becoming increasingly more difficult.  Now we are seeing more targeted phishing attacks on businesses then ever before

Phishing vs Spear Phishing

Phishing schemes have been around as long as we have had email.  You may recognize certain princes in a foreign nation willing to give you millions of dollars if you provide them with a little money and your bank account.  These broad phishing attacks were used like cold calling.  It’s a numbers game and they were trying to get it to as many people as possible in hopes a few would fall for it.

Spear Phishing is more complex, where the attacker learns important information about who they are trying to dupe.  The emails, phone calls, or text messages, will disguise themselves as a co-worker or friend with how they set up the email account that they spam from.  They are targeted attacks looking to initiate a wire transfer, get banking or credit card info, or other sort of payment or information.  These may also contain links taking users to spoofed websites asking for passwords and other information.

How to prevent Spear Phishing

Spear Phishing is really part of a broader term of social engineering.  A great way to prevent data loss in a company is to have an IT training protocol that all users must go through.  This could be as new employees, or a yearly training that everyone goes through.  Having educated end users that know what to look for in Spear Phishing or other social engineering attacks is a great first line of defense. Making sure all your computers software and operating systems are up to date is along another step.  Some of your advanced mail filtering and anti-virus programs are also designed to flag these spear phishing emails.  These filtering programs are able to verify and compare email headers and other parts of the email to verify that it is coming from the source that it says it is coming from.  These programs can also test links and attachments to make sure there is no threat to the end user.

With cyber criminals becoming more advanced every day, businesses need to take extra steps to try and stay one step ahead in protecting their employees and businesses.  All it takes is one attach to cripple a business.  Education and protection can go a long way in keeping your company safe from cyber criminals.

Interested in securing your company from threats like these? Contact Blue Cotton Tech to learn more about our security services.