Spear phishing has been around for a while, and it is one of the biggest dangers to email security for businesses of all types. You’ve probably either heard of or experienced a spear phishing attack already. In general, phishing attacks account for 90% of all data breaches, while spear phishing attacks are the most common and dangerous ones.
Research shows us that some 30% of all phishing emails make it past your default email security, making them a significant threat to your company. What’s more, in 2018, 76% of companies reported being victims of at least one phishing attack.
Due to their prevalence, we wanted to give you a concise explanation of what these cyber threats are and how you can adequately protect your business.
What Is Spear Phishing?
Spear phishing is a type of phishing scam that targets a specific company, organization, or individual.
The primary purpose behind spear phishing attacks is to obtain data, but they are also used to install malware on the victim’s computer and use it for malicious purposes.
In this respect it is very similar to a regular phishing attack: an ordinary-looking email, seemingly from a trustworthy source, asks the recipient to perform some action, for example making a wire transfer, providing some information, opening an attachment, or visiting a certain website. What makes it very dangerous is that these emails look the same as those coming from someone you trust or an organization you know.
Spear phishing attacks differ from regular phishing in their precision and sophistication: attackers study the victim(s), their habits, the way they respond to emails, and the way the company structure works. Their success lies mainly in two factors:
- They are very cleverly designed with much attention to small details to look and feel legitimate.
- They are individually designed and expertly personalized for each victim to steal sensitive data.
A very common example:
The Example.org CEO’s secretary will not look twice on getting an email from the boss asking for a wire transfer or for some important papers to be sent over. What this person doesn’t know is that the attackers researched, probably through social media or other public sources, who the Example.org CEO is, who the secretary is, the way the CEO signs letters, the bank the company works with, and many more details, and then personalized an attack just for this person.
The rest is about exploiting technical weaknesses in email and the internet: many email systems allow the visible FROM header to differ from the actual sender, and, as another example, no one notices if the corporate domain shows as Exanple.org instead of Example.org, the former having been registered by the attackers.
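The two header tricks described above can be screened for on the receiving side. The following is an added example, not part of the original article: it classifies a visible From header against the article's sample domain, and the name "Jane Doe", the threshold of two edits and the sample headers are constructed assumptions.

```python
from email.utils import parseaddr

TRUSTED_DOMAIN = "example.org"   # the article's sample corporate domain

def edit_distance(a, b):
    """Levenshtein distance between two strings (dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]

def classify_sender(from_header, trusted=TRUSTED_DOMAIN, known_names=()):
    """Return 'internal', 'lookalike-domain', 'display-name-spoof' or 'external'.

    Only the visible From header is inspected, so 'internal' means the header
    claims the corporate domain, not that the claim was authenticated.
    """
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    if domain == trusted or domain.endswith("." + trusted):
        return "internal"
    if edit_distance(domain, trusted) <= 2:       # e.g. one swapped letter
        return "lookalike-domain"
    names = {n.lower() for n in known_names}
    if trusted in display.lower() or display.lower() in names:
        return "display-name-spoof"               # trusted name, foreign address
    return "external"

# Constructed sample headers; "Jane Doe" is a made-up CEO name.
SAMPLES = [
    "Jane Doe <jane.doe@example.org>",
    "Jane Doe <jane.doe@exanple.org>",
    "Jane Doe <ceo.office@mailbox.test>",
    "Newsletter <news@vendor.test>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(classify_sender(header, known_names=("Jane Doe",)), "<-", header)
```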
How to Protect Your Business from Spear Phishing Attacks?
Here are some more advanced tips on how to protect against spear phishing attacks:
- Keeping your systems up to date with the latest security patches is very important to your digital safety and cybersecurity. The sooner you update them, the more secure your company is. Educate your employees to install updates when the pop-up reminder shows up, rather than postponing them until the next reminder.
- Use DMARC. Adoption of this email authentication technology is rising because it is an anti-spoofing protection built on top of SPF and DKIM that can prevent domain spoofing and brand hijacking scams, two standard techniques used in more sophisticated attacks like spear phishing.
- Your company needs to implement advanced email protection that defends against more advanced attacks like phishing, spear phishing, spoofing, business email compromise, etc. You can defend against these attacks by using software that incorporates threat intelligence and can filter out emails that aren’t legitimate or are malicious.
- Encrypt your company’s sensitive information with the right solution or tool, so that the data you exchange with employees, customers, partners or other parties cannot be decrypted if it falls into the wrong hands through a spear phishing attack.
- Implement multi-factor authentication in your company as a routine, to make it harder for an attacker to use stolen credentials.
- Employ systems that can detect abnormalities in user access by implementing an authentication system that can detect strange behaviors, from the traditional lockout on failed attempts to the more sophisticated source restrictions based on time, location, and IP.
- Focus on creating company protocols and using proper technology solutions to maximize your data-loss prevention responses.
- Implement regular, proactive investigations that look into company and employee emails to ensure that malicious emails are filtered out and are not delivered to your inboxes.
- Invest in your employees’ education towards the monitoring and detection of abnormalities in corporate communication.
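To make the DMARC item in the list above concrete, here is an added example (not from the original article) of how a receiver combines SPF and DKIM results with the From domain and the published policy. It assumes the organizational domain is the last two labels (real implementations use the Public Suffix List), ignores the pct tag, and uses constructed records and domains.

```python
def parse_dmarc(record):
    """Parse a DMARC TXT record into a dict of tag -> value."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a valid DMARC policy record")
    return tags

def org_domain(domain):
    # Assumption: last two labels; a real check consults the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain, auth_domain, mode):
    """Strict ('s') needs an exact match, relaxed ('r') the same org domain."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

def dmarc_disposition(record, from_domain, spf, dkim):
    """spf and dkim are (result, authenticated_domain) tuples from the receiver.

    Returns 'pass', or the policy to apply: 'none', 'quarantine' or 'reject'.
    """
    tags = parse_dmarc(record)
    spf_ok = spf[0] == "pass" and aligned(from_domain, spf[1], tags.get("aspf", "r"))
    dkim_ok = dkim[0] == "pass" and aligned(from_domain, dkim[1], tags.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return "pass"
    return tags["p"].lower()

# Constructed records: monitoring only versus enforcing.
RECORD_MONITOR = "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.org"
RECORD_ENFORCE = "v=DMARC1; p=reject; adkim=s; aspf=s; rua=mailto:dmarc-reports@example.org"

# Constructed message: From shows example.org, but SPF passed for another domain.
SPOOFED = dict(from_domain="example.org", spf=("pass", "mailbox.test"), dkim=("none", ""))
LEGIT = dict(from_domain="example.org", spf=("pass", "mail.example.org"),
             dkim=("pass", "example.org"))

if __name__ == "__main__":
    for name, rec in (("monitor", RECORD_MONITOR), ("enforce", RECORD_ENFORCE)):
        print(name, dmarc_disposition(rec, **SPOOFED), dmarc_disposition(rec, **LEGIT))
```

With p=none the spoofed message is only reported, while p=reject tells receivers to refuse it. A message sent from the look-alike Exanple.org is evaluated against that domain's own record, so DMARC on Example.org does not cover it.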
Spear phishing is a dangerous email-based cyber attack that is increasingly used by cybercriminals who target an individual, an organization, or a business for malicious purposes. Once the attacker impersonates an individual, such as a friend, a colleague, or a family member, only good technology, processes, and human awareness can prevent the recipient from being fooled. That’s why your company and your employees must be vigilant and carefully inspect the email addresses and links that are sent to you.
Author: José Borges Ferreira
Email Security Expert at AnubisNetworks. José is the email security expert who is always researching new features to help companies protect against advanced cyber threats. With extensive experience in email security, specifically in high-volume email processing and anti-spam/anti-fraud techniques, he’s responsible for all the innovation in the AnubisNetworks email security solutions.