It is quite likely you have never heard of the term spear phishing, but it is an issue you would be well advised to be aware of. Let me explain:
Phishing is a term to describe fake emails used to trick or attack an individual or an organisation. Scam emails can be sent globally at any one time to millions of potential victims. Sometimes the content of the email will be a plea for help, usually financial, offering a once in a lifetime opportunity or tempting you to take immediate action. When you click on a link in a phishing email you will be taken to a malicious website where attempts will be made to gain access to your computer and access to your personal details, such as your bank account.
However, Cyber criminals are becoming much more sophisticated and are now more targeted in their approach and this has led to the emergence of a new and dangerous phenomenon – spear phishing.
Unlike general phishing, with spear phishing the cyber attackers carefully research their intended targets, such as gaining information from their social media accounts or from any other information they put on the internet from their PC. For example, they might scan social networking sites to find a targets page, their email address and their friends list. Often spear phishers are not after money, there are more likely to target specific organisations to obtain high level confidential information such as business plans, corporate secrets or plans for sensitive technology.
You may feel you are far too sensible to fall for a trick of this kind, but these cyber criminals are a clever bunch of guys and gals. Using information they have found the spear phisher can pose as someone you know and send emails which appear to come from a trusted source such as your accountant, solicitor, your bank or work colleagues. They will then try to trick you into handing over confidential and sensitive information that they can use for their criminal purposes. Every individual at any business, corporation or organisation is a real target for the spear phisher and we all need to take action to protect ourselves.
So, how do we protect ourselves from these clever cyber criminals, you may ask. Well, here at N2S, we have spent years perfecting our data protection services, so we truly qualified to advise on this matter: