Spearphishing is a extremely common email or other means of electronic communications scam highly targeted to a specific user or organization. This attack is often intended to steal your data or launch a ransomware attack, cybercriminals may also try to install malware on the targeted individuals computer or network.
How does this all work?
Here is a very common scenario we see. An email arrives, purporting to be from a trustworthy source. This message then leads the user to a website controlled by the attacker with malware or an attachment with malicious code. The trustworthy source may appear to be the company CEO, a government official or even a friend you may converse with often on social media. The idea of a well crafted spearphishing campaign is to highly target an individual or organization. The information used in the communication may be information specific to you or your business. It could also contain private information that was previously stolen from you on or harvested from social media.
Who are these cyber-criminals?
Spearphishing attacks against large organizations or businesses can often be state sponsored. They will buy and sell company specific data or information from other criminals in order to craft emails and websites looking as legitimate as possible. The message can be engaging seeking a prompt reply or with a call to action. The attackers will also generate spearphishing emails targeted at specific employees within a business. This makes the messages even more appealing and legitimate looking. The most successful attack are ones who target individuals as narrow as possible at all levels.
How do I protect myself and my business (or employer)?
The nature of this attack is modern technology wont help you in this case. There is no piece of software or service you can buy to totally prevent this attack. Educating yourself and training of staff is your best offense. Because of that, below is a list of some helpful tips and tricks to protect yourself:
- Does the email address match the purported sender? If you are receive an email from the CEO and your company email format is [email protected] – an email coming from [email protected] is a clear indicator. If you see the email is from a completely different domain, another clear indicator.
- Does the email just seem off or “weird”? Is the sender asking you for something out of the ordinary? Maybe they are asking you to complete a task which they would normally not ask you in email. For instance, in a large organization would you get an out of the blue email from the CEO asking to purchase gift cards? Probably not.
- Does the email come out of no where? While you may think the email is legitimate and has passed some other sanity checks. Did the message just arrive out of the blue? Maybe the sender is supposed to be on vacation or is in another timezone?
- What does your gut say?!
If you are still unsure, check with them directly via another means of communication. Remember, their mailbox may be compromised so replying back may not be safe. If you work in a business or office, check with your IT crew or reach out to us for help. Finally, pick up the phone and call them!