Week 8 Post – Spear Phishing

It seems that many cyber criminals have gone fishing these days. Spear phishing, to be precise. I’ve personally worked with clients who have been targeted by this relatively new threat vector.

What is “spear phishing” or “spearphishing”? Well, you are all aware of what “phishing” is. You know the emails pretending to be from your bank, or pretending to be from UPS with a suspicious-looking attachment when you haven’t even shipped anything lately. The attackers want you to click on that bank link and enter your credentials, which will end up in the hands of a crime syndicate if you do, or to open that attachment, which will likely deploy some sort of malware onto your computer. We talked recently about the proliferation of ransomware; phishing is one of the ways ransomware is deployed. There is always someone in the organization who will click.

Symantec says that the “latest twist on phishing is spear phishing. No, it’s not a sport, it’s a scam and you’re the target. Spear phishing is an email that appears to be from an individual or business that you know. But it isn’t. It’s from the same criminal hackers who want your credit card and bank account numbers, passwords, and the financial information on your PC.”

Sometimes a spearphishing email appears to have been sent by an executive within your own company. It might look very legitimate and urgent. Often it requests that you pay certain invoices or transfer funds immediately. This can be confusing if you work in Accounts Payable and handle invoice payment requests daily.

Symantec’s recommendations for avoiding becoming a spearphishing victim are:

“If a ‘friend’ emails and asks for a password or other information, call or email (in a separate email) that friend to verify that they were really who contacted you. The same goes for banks and businesses. First of all, legitimate businesses won’t email you asking for passwords or account numbers. If you think the email might be real, call the bank or business and ask. Or visit the official website. Most banks have an email address to which you can forward suspicious emails for verification.”

Just be careful what you click on, no matter who it appears to come from.

Spear Phishing: What It Is and How to Avoid It | Norton. (n.d.). Retrieved May 08, 2016, from http://us.norton.com/spear-phishing-scam-not-sport/article