Spear phishing is a targeted attack used to steal credentials and/or personally identifying information. It is a social-engineering attack that can come from many sources, not all of which are electronic in nature.
Spear phishing is similar to phishing, except that it targets a specific group or individual. Goals of spear phishing attacks include stealing information about a person in order to impersonate them, installing malware for continued attacks against an individual or company, surveillance, theft of trade secrets, and even data destruction or denial of service.
It is important to understand that spear phishing is a method of attack that tries to fool individuals into divulging information that is not otherwise publicly known. The approach can range from an email claiming to be from a trusted person in authority, to phone calls, to letter mail.
Ultimately the strongest protection against phishing attacks is to always be skeptical of the source of information. We are taught in school to use two or (preferably) more sources to validate information as fact; the same rule protects you from phishing attacks.
- Confirm requests before acting on them. For example, if an employee asks you by electronic means to reset a password, give that employee a phone call to confirm the request.
- Do not send sensitive information unencrypted and unsolicited by electronic means. Sensitive information is any information that is not publicly known and that could cause damage to a company or individual if it were disclosed: your credit card number, a company employee directory, a contract document, executive reports.
- Never open unexpected email attachments, and never click on links sent via email.
- Be suspicious of sender addresses and names. In some cases emails appear to come from someone within the company, when in fact the domain (the part of the email address after the @) has a slightly different spelling than the legitimate address.
- Infected computers can spread spam containing phishing emails by exploiting contact lists. Blocking direct email sending from workstations to the internet can help; a good way to do this is to configure outgoing email filtering and firewall rules.
- Use mail filtering and blocking technology on your mail system:
  - This can help block commonly used spelling differences in email domains.
  - Use SPF/DKIM/DMARC to greatly increase the chances that emails coming to you are legitimate. This also increases the chances that your emails will not be blocked by your customers or vendors.
  - If you host your own email server and your firewall supports it, use geoblocking to quickly prevent most unsolicited connections from overseas.
- Occasionally test employees by using a third party to craft a phishing campaign against your company. Employee education is important, and awareness and training are some of the best techniques to protect your company from phishing. Testing employees gives you a good sense of the effectiveness of the educational campaign and makes those employees more aware of the seriousness of the challenge.
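The "slightly different spelling" in sender domains that the bullets above warn about can be checked automatically at the mail gateway. The following is an added example (not code from the original article): it classifies the domain in a From: header as legitimate, lookalike or external, using a constructed list of the company's own domains, a small table of common look-alike character swaps, and an edit-distance check. The domain list, the sample headers and the distance threshold are assumptions for illustration.

```python
import re

# Constructed list of the organisation's own domains (assumption for the example).
LEGIT_DOMAINS = {"example.com"}

# Character swaps commonly used to make one domain look like another.
HOMOGLYPHS = {"rn": "m", "vv": "w", "0": "o", "1": "l", "3": "e", "5": "s"}


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings (insert/delete/substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def fold_homoglyphs(name: str) -> str:
    """Replace look-alike sequences so 'exarnp1e' folds to 'example'."""
    for look, real in HOMOGLYPHS.items():
        name = name.replace(look, real)
    return name


def sender_domain(from_header: str) -> str:
    """Pull the domain out of 'Display Name <user@domain>' or a bare address."""
    m = re.search(r"@([A-Za-z0-9.-]+)", from_header)
    return m.group(1).lower().rstrip(".") if m else ""


def classify_sender(from_header: str, legit=LEGIT_DOMAINS, max_dist: int = 2) -> str:
    """Return 'legitimate', 'lookalike' or 'external' for the From: domain."""
    domain = sender_domain(from_header)
    if not domain:
        return "external"
    if any(domain == d or domain.endswith("." + d) for d in legit):
        return "legitimate"
    # A legitimate domain used as a prefix (example.com.evil.test) is a trick.
    if any(domain.startswith(d + ".") for d in legit):
        return "lookalike"
    # Compare only the registrable part (last two labels) against our domains.
    registrable = ".".join(domain.split(".")[-2:])
    for d in legit:
        if fold_homoglyphs(registrable) == d or levenshtein(registrable, d) <= max_dist:
            return "lookalike"
    return "external"
```

A gateway rule would quarantine or tag anything classified as "lookalike"; with very short company domains the edit-distance threshold should be lowered to avoid flagging unrelated senders.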