Published on May 28th, 2019 | by Bibhuranjan0
The Rising Threat of Spear Phishing in 2019
An Email scam that targets an individual, organization, or business is called spear phishing. The main intention of the cybercriminals is either to steal the data or to install malware on the targeted computer. This type of attack has the highest success rate as it is well engineered to penetrate into the defense system of the victim’s computer. Spear phishing is a growing problem and it has led to significant financial loss to big organizations.
How does it spread?
Most of the times government-sponsored hackers are behind these type of attacks. In order to personalize the attacks, these cybercriminals employ individually designed approaches. This is why even top-position individuals within an organization become a victim of these cybercriminals. That one mistake allows cybercriminals to steal all the data they need to attack their network.
One of the most famous breach attacks which were done on a health insurer, Anthem was settled with $115 million. Another attack on Ubiquiti networks cost the company $46 million. These attacks can prove too costly for any organization. Most of the emails look like it came from high-level employees such as CEO, CFO, and VPs with the authority to direct payments or wire transfers.
How does the attack take place?
Spear phishing is different from regular phishing. Regular phishing targets a large number of people whereas spear phishing targets specific individuals. It basically tricks employees by creating a sense of urgency and asks to execute a money transfer on behalf of one of their bosses.
Cybercriminals spend a lot of time to observe their target before they attack them. They use lead generation sites to gather information about CFOs and other employees in the finance department. In order to get an insight on who is the best to target and impersonate, they use social media platforms such as Twitter and LinkedIn.
Combining all these information personas and crafting a message accordingly maximizes the likelihood of the victim to click on those links in the email. Spear phishing is also known as whale phishing because it targets people in a position of power and decision making. They are highly valuable as well as available to the cybercriminals as employees are more likely to listen to someone at the top level.
How to prevent these attacks?
There are many ways for spear PhishProtection. You can either take prevention steps to prevent yourself from becoming a victim or you can take premium service from companies like DuoCircle, which provides advanced threat defense suite.
The best way to protect employees from these type of attacks is by educating them on how to protect themselves. Most of the times victims get scared after they have made the mistake and instead of informing the IT team or their bosses, they follow whatever the attacker says and increase the risk for the organization. In order to mitigate the threat of spear phishing, organizations need to put both human and technical controls into place. A simple External tag on the top of the email can help the reader in considering a possibility that something might be fishy about the email.
It’s always a better option to check the sender’s email address before taking any action. The attacker might not have @organization tag in their email address. This will help employees understand that the sender is not associated with the organization. Advanced AI/ML defense system is necessary to combat these sophisticated attacks.
The outbound SMTP service is a well-managed service which follows proper guidelines and policies to protect the reputation of an email sent by your organization. Spam filters, malware, and antivirus prevention are the standard controls which don’t work these days and fail to protect the victim from the attacker.
Leveraging stronger authorization process before performing any kind of financial transaction can help in combating spear phishing. Spear phishing can occur on any day, but these campaigns focus on the users during the workweek especially from Tuesday to Thursday. 20 percent of the spear phishing attacks happened on Tuesday.
There is no one technology approach that has the potential to block all types of phishing attacks. Attackers always look for new and innovative ways to bypass the security system.
Employees have projects to complete and because of which most of them don’t even bother to check the sender’s email address. As a result, they become the prey. Educating the employees about phishing is the key to prevention. When financial transactions are requested over the email, it’s better to ask the sender personally over call or meeting that if they themselves have requested to initiate the transaction. It will help organizations save a lot of money.