Spear Phishing

Spear Phishing

 

Phishing is a broader term for any attempt to gain victims sensitive information such as passwords, usernames, and credit card details for malicious reasons. Unlike phishing attacks, spear-phishing attacks are personalized to their victims. Spear phishing is an email-spoofing attack that are personalised to the victims and targets a specific organization or individual, seeking unauthorized access to sensitive information. Spear-phishing attempts are not usually initiated by random hackers, but are more likely to be conducted by cybercriminals out for financial gain or install malware.

Characteristics of Spear Phishing attack

A spear-phishing attack can exhibit one or more of the following characteristics:

  • Blended or multi-vector threat: Spear phishing uses a blend of email spoofing, dynamic URLs and drive-by downloads to bypass traditional defences.
  • Use of zero-day vulnerabilities: Advanced spear-phishing attacks leverage zero-day vulnerabilities in browsers, plug-ins and desktop applications to compromise systems.
  • Multi-stage attack: The initial exploit of systems is the first stage of an APT attack that involves further stages of malware outbound communications, binary downloads and data exfiltration.
  • Well-crafted email forgeries: Spear phishing email threats are usually targeted to individuals, so they don’t bear much resemblance to the high-volume, broadcast spam that floods the Internet. This means traditional reputation and spam filters routinely miss these messages, rendering traditional email protections ineffective.

Source: Verizon 2016 DBIR

According to the FBI, “spear-phishers have netted some $2.3 billion since 2013 in a variety of semi-sophisticated, global email frauds.” This appetite for fortune has paved the way for Ransomware, a type of malware that is now found in more than 90 percent of phishing.

 

How to protect against Spear Phishing?

Any form of phishing can ultimately lead to the compromise of sensitive data. As email is the most common entry point of targeted attacks, it is important to secure this area against spear phishing attacks.

  • Training and awareness of employees: Employee education is highly critical to combat different phishing techniques. Training employees to spot misspellings, odd vocabulary, and other indicators of suspicious mails could prevent a successful spear phishing attack. Additionally, enterprises need an expanded and layered security solution that provides network administrators the visibility, insight, and control needed to reduce the risk of targeted attacks regardless of vector of choice.
  • Passwords should be strong: There should be a strict and strong password policy in an organization. Do not just use one password or variations of passwords for every account that you own. Reusing passwords or password variations means that if an attacker has access to one of your passwords, they effectively have access to all of your accounts. Every password that you have should be different from the rest – passwords with random phrases, numbers, and letters are the most secure.
  • Keep software updated: The majority of software systems include security software updates that should help to protect you from common attacks. Where possible, enable automatic software updates.
  • Do not click links in emails: If an organization, such as your bank, sends you a link, launch your browser and go directly to the bank’s site instead of clicking on the link itself. You can also check the destination of a link by hovering your mouse over it. If the URL does not match the link’s anchor text or the email’s stated destination, there is a good chance that it could be malicious. Many spear-phishing attackers will try to confuse link destinations by using anchor text that looks like a legitimate URL.
  • Check the source before opening emails: If you get an email from a known source asking for personal information including your password, carefully check to see if their email address is one that you have seen them use in the past.
  • Implement a data protection solution: A data protection solution will help to prevent data loss due to spear-phishing attacks. It will protect sensitive data from unauthorized access or egress, even if a user falls for a phishing scam.

A case of Spear Phishing

One of the most eminent examples of a spear-phishing attack that succeeded regardless of its suspicious nature targeted the RSA Security firm in 2011.

The attackers sent two different targeted phishing emails to four workers at RSA’s parent company EMC. The emails contained a malicious attachment with the file name “2011 Recruitment plan.xls,” which contained a zero-day exploit.

When one of the four recipients clicked on the attachment, the exploit attacked a vulnerability in Adobe Flash to install a backdoor onto the victim’s computer.

“The email was crafted well enough to trick one of the employees to retrieve it from their Junk mail folder, and open the attached excel file,” RSA wrote in a blog about the attack.

Comments (20)

It¦s really a nice and useful piece of info. I am satisfied that you simply shared this helpful information with us. Please keep us up to date like this. Thank you for sharing.

Looks terrific! Shows up good right listed above.

I simply want to tell you that I am newbie to blogging and site-building and truly enjoyed this web-site. Likely I’m going to bookmark your blog . You amazingly come with wonderful posts. Thanks a bunch for revealing your website page.

Wow, that's what I was looking for, what a stuff! existing here at this webpage, thanks admin of this web page.

Hi mates, how is the whole thing, and what you want to say about this article, in my view its genuinely awesome in favor of me.

A motivating discussion is definitely worth comment. I believe that you should write more on this subject, it may not be a taboo matter but typically folks don't discuss such subjects. To the next! Many thanks!!

These are really great ideas in on the topic of blogging. You have touched some nice things here. Any way keep up wrinting.

Thanks for another magnificent post. Where else may just anyone get that type of information in such an ideal approach of writing? I've a presentation subsequent week, and I'm on the search for such info.

Magnificent goods from you, man. I've keep in mind your stuff previous to and you are simply extremely great. I really like what you have bought here, really like what you're stating and the way in which wherein you are saying it. You're making it enjoyable and you continue to care for to keep it smart. I can not wait to read much more from you. This is actually a tremendous site.|

Hmm it looks like your blog ate my first comment (it was super long) so I guess I'll just sum it up what I had written and say, I'm thoroughly enjoying your blog. I too am an aspiring blog blogger but I'm still new to everything. Do you have any recommendations for beginner blog writers? I'd genuinely appreciate it.|

I'm not certain where you're getting your info, but good topic. I needs to spend a while studying more or understanding more. Thanks for fantastic info I used to be in search of this information for my mission.

This is really interesting, You are a very skilled blogger. I've joined your rss feed and look forward to seeking more of your excellent post. Also, I've shared your site in my social networks!

As the admin of this site is working, no doubt very rapidly it will be well-known, due to its feature contents.

I would like to thank you for the efforts you've put in penning this blog. I am hoping to check out the same high-grade blog posts by you later on as well. In fact, your creative writing abilities has inspired me to get my own blog now 😉

Fantastic website you have here but I was curious if you knew of any discussion boards that cover the same topics talked about in this article? I'd really like to be a part of group where I can get opinions from other knowledgeable people that share the same interest. If you have any suggestions, please let me know. Thanks!|

Hi every one, here every person is sharing these familiarity, thus it's good to read this blog, and I used to visit this weblog everyday.

Hello everyone, it's my first pay a visit at this website, and piece of writing is really fruitful in favor of me, keep up posting these content.

Hello to every , since I am in fact keen of reading this weblog's post to be updated regularly. It contains pleasant information.|

Hey there this is somewhat of off topic but I was wanting to know if blogs use WYSIWYG editors or if you have to manually code with HTML. I'm starting a blog soon but have no coding skills so I wanted to get advice from someone with experience. Any help would be enormously appreciated!

I think this is one of the most important information for me. And i am glad reading your article. But wanna remark on some general things, The site style is wonderful, the articles is really nice : D. Good job, cheers

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyrights ©2016: Pyramid Cyber security & Forensics