Spear phishing attacks target specific individuals within a specific organization for a specific purpose. The email threat landscape has dramatically shifted from broad spam attacks to targeted email-based phishing campaigns that are causing significant financial, brand and operational damage to organizations around the world.
Some of the most notorious cyber crimes — such as the attacks on major banks, media companies and even security firms — started with just one person clicking on a spear-phishing email.
Spear phishing is a popular delivery method because it works. Traditional security defenses such as antivirus and anti-spam solutions as well as secure email gateways simply do not detect and stop it. From a cyber criminal’s point of view, spear phishing is the perfect vehicle for a broad array of damaging exploits. For example, threat actors are increasingly targeting executives and employees with administrator rights, tricking them into activating malware that gives criminals access into their companies’ environments. This might be ransomware that encrypts company data, then extorts fees from the victim to remediate the situation. Other malware includes banking and point-of-sale reconnaissance Trojans that target businesses in the retail and hospitality industries. Impersonation attacks, or whaling, happens when attackers impersonate executives and trick other employees into taking an action such as an unauthorized wire transfer. The targeted executives are usually key leaders with titles such as chief financial officer, head of finance, senior vice president and director. Spear phishing emails are created with enough detail to fool even experienced security professionals.
