Phishing is widely regarded as one of the greatest threats to both individuals and companies. It is a malicious attempt by attackers to acquire sensitive information, such as financial data or credit card numbers, by posing as a legitimate and trusted entity. A common example is an attacker emailing a victim while pretending to be the victim's bank in order to harvest credentials or account details.
With ordinary phishing, the emails and messages tend to be generic and mimic legitimate messages from service providers. They are sent to a large number of addresses, ask recipients to provide confidential information, and often carry malicious attachments. The approach works for cybercriminals because volume increases the likelihood that at least some of the targets will respond and hand over the information.
Spear phishing is a more targeted version of the common phishing attack. It focuses on specific individuals and uses social engineering techniques to trick them into providing sensitive information or into downloading ransomware or other malware. The messages can contain links, attachments, or requests to click through and "verify" an account; links offered for "updating" information lead to malicious websites or dangerous downloads.
Spear phishing is more sophisticated than ordinary phishing because the emails target users who have access to the specific information or systems the attackers want, for example accounting clerks, executives, or IT professionals. These emails usually appear to come from a trusted source such as a co-worker or business partner, and the pretext is typically built from reconnaissance of public profiles, org charts, and social media so that it reads as plausible to the recipient.
Among the different types of spear phishing, we can find:
- Compromised corporate email (business email compromise, BEC): the attacker gains unauthorized access to a corporate email account and impersonates its owner to send phishing messages to colleagues or partners. Because these messages really do originate from the legitimate account, they pass sender-authentication checks, which is why this variant is so often tied to wire fraud.
- Whaling: attackers target members of an organization who are likely to have privileged access to information or funds, typically high-level executives or senior managers. These attacks are sophisticated and carefully planned.
- CEO fraud: cybercriminals impersonate the CEO or another executive, exploiting that person's authority and creating a sense of urgency so that employees act (typically by transferring money or data) without verifying the request.
- Clone phishing: the attacker takes a legitimate email the victim has already received, for example from a financial institution or a corporate service, and sends a near-identical copy in which the links or attachments have been replaced with malicious ones, so the message appears to come from a sender the victim already trusts.
- Angler phishing: users who interact with companies on social media such as Twitter or LinkedIn are targeted. Attackers pose as company representatives, responding to complaints or making offers, and steer the victim to a phishing page or ask for account details. Before interacting with a supposed company representative, verify that the account is the company's official one.
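Several of the variants above (CEO fraud, whaling, lookalike sender domains, urgency pretexts) leave traces in the message itself that a mail gateway or a triage script can check before a human ever reads the email. The following is an added example written for this page, not code from the original article: it parses raw messages with Python's standard `email` library and flags four common spear-phishing indicators. The organization name, the executive list, the trusted domain, the urgency word list and the two sample messages are all constructed assumptions for the demonstration; a production filter would additionally rely on SPF/DKIM/DMARC results, which this heuristic check does not replace.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Hypothetical organization data (assumptions for this example, not real values).
TRUSTED_DOMAINS = {"examplecorp.com"}
EXECUTIVE_NAMES = {"jane doe", "john roe"}          # display names attackers like to borrow
URGENCY_PATTERNS = re.compile(
    r"\b(urgent|immediately|wire|asap|confidential|before end of day)\b", re.I
)


def _domain(addr: str) -> str:
    """Return the lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def _edit_distance(a: str, b: str) -> int:
    """Plain Levenshtein distance; domains are short, so the O(n*m) table is fine."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def _is_lookalike(domain: str) -> bool:
    """True if the domain is a near miss (<= 2 edits) of a trusted domain, e.g. examp1ecorp.com."""
    if not domain or domain in TRUSTED_DOMAINS:
        return False
    return any(_edit_distance(domain, trusted) <= 2 for trusted in TRUSTED_DOMAINS)


def analyze(raw_message: str) -> list:
    """Return a list of human-readable spear-phishing indicators found in a raw RFC 5322 message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []

    from_name, from_addr = parseaddr(str(msg.get("From", "")))
    from_dom = _domain(from_addr)
    _, reply_addr = parseaddr(str(msg.get("Reply-To", "")))
    reply_dom = _domain(reply_addr)
    name_key = from_name.strip().lower()

    # 1. Executive display name paired with an address outside the company (CEO fraud / whaling).
    if name_key in EXECUTIVE_NAMES and from_dom not in TRUSTED_DOMAINS:
        findings.append("display-name impersonation of an executive from an external domain")

    # 2. Sender domain that is a typo/homoglyph variant of a trusted domain.
    if _is_lookalike(from_dom):
        findings.append(f"lookalike sender domain {from_dom}")

    # 3. Reply-To pointing somewhere other than the apparent sender, so replies go to the attacker.
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")

    # 4. Urgency/secrecy language typical of wire-fraud pretexts in the plain-text body.
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    if URGENCY_PATTERNS.search(text):
        findings.append("urgency or secrecy language in body")

    return findings


# Constructed sample messages (not real traffic).
CEO_FRAUD = """From: Jane Doe <jane.doe@examp1ecorp.com>
Reply-To: jane.doe.ceo@gmail.com
To: clerk@examplecorp.com
Subject: Urgent wire transfer

I need you to process a wire immediately. Keep this confidential.
"""

LEGIT = """From: Jane Doe <jane.doe@examplecorp.com>
To: clerk@examplecorp.com
Subject: Lunch

See you at noon.
"""

if __name__ == "__main__":
    for label, sample in (("CEO fraud sample", CEO_FRAUD), ("legitimate sample", LEGIT)):
        print(label, "->", analyze(sample) or ["no indicators"])
```

The checks are deliberately independent so that a single hit (for example an executive name from a personal webmail address) can be surfaced on its own, while a message that trips all four, as the constructed CEO-fraud sample does, is an obvious candidate for quarantine and for an out-of-band phone call to the supposed sender.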