PCI Services Blog

What is Spear Phishing?

Posted by Richard Common on 20-Oct-2016 14:41:12
Find me on:

Spear phishing is a targeted email attack in which a hacker uses email to masquerade as someone the target knows and trusts.

This is often as simple as copying the name of a CEO from a company website and then sending an email using this name to anyone on the company’s corporate domain.

Spear phishing is the single most common (and effective) social engineering tactic. You’ve likely seen subject lines like these before and hopefully hit “delete” right away:

  • "Notice of pending layoff: Click here to register for severance pay."
  • "In an effort to cut costs, we’re sending this year’s W-2s electronically."

But hackers are getting more convincing and creative with email that, when opened, infects your machine. Here are a few security tactics to watch for…

  • USING THE NEWS AGAINST YOU – Whatever’s getting attention in the news can be used as social engineering lures. For example, 2016 has seen a rise in the number of spam messages related to the presidential campaign.
  • ABUSING FAITH IN SOCIAL NETWORKING SITES – Millions of people use social networking sites like Facebook and LinkedIn daily, so they develop a certain trust in them. Then, when an email says, “Your Facebook account is undergoing routine maintenance, please click to update your information,” you don’t think twice before you click.

Book a Free Assessment

 Managed Anti Spam

Managed Anti Virus

What is Social Engineering?

Held to Ransom Without a Masked Gunman in Sight

What is a Human Firewall? and how it differs from a firewall appliance

Topics: Security

Leave a reply