The email threats faced by organizations today vary greatly in complexity, volume, and impact.
Here we take a closer look so you can spot the threat before it harms you or your organization.
Spear phishing is a highly personalized form of email phishing attack. Cybercriminals research their targets and craft highly personalized messages, often impersonating a trusted colleague, website, or business.
Spear-phishing emails try to steal sensitive information, such as login or financial credentials to commit fraud, identity theft, and other crimes. Social-engineering tactics are commonly used in spear-phishing attacks to increase the likelihood of success.
These include a sense of urgency, brevity, and pressure.
Messaging that includes an uncomfortable level of personalization coming from a source you don’t recognize.
- References to topics or events that are oddly coincidental.
- A send date or time that falls outside normal business hours.
- A heightened sense of urgency or alarm.
- Promises of rewards or threats if you do or don’t act.
If you feel you’re been targeted, consider changing social networking settings to keep personal information private.
Spear attempts can be spotted by recognizing their clues:
Example
