Last week, we talked about mass phishing and ways you can identify and avoid attempts by others to steal your personal information this way. Mass phishers like to broaden their range of potential targets and hope that by casting their net wide, they’ll be able get a few people tangled up along the way. Spear phishers, on the other hand, focus on making personalized attacks against unique targets, which makes their attempts that much more effective than mass phishers.
Spear phishing has been around for a while, but there’s a reason why it’s a growing threat in 2013. With record numbers of people using social media platforms every day, there’s a tremendous wealth of personal information in cyberspace. The ease with which a stranger can learn basic information about you makes it easier for them to gain your trust.
Knowing personal information about you, your friends, your workplace or even your physical location gives phishers a great advantage when it comes to impersonating someone you might trust.
A spear phisher might also boost their own credibility by contacting you through multiple avenues. A “multiple-pronged” spear phishing attack might include a text to your smartphone, followed up by an e-mail or Facebook message.
Like in mass phishing, many communications (through e-mail or text) include a link to a third party website that automatically launches malware on your computer, tablet or smartphone. The malware then mines your database for personal information, which could include passwords, sensitive numbers or financial information.
E-mails from spear phishers look more convincing than communications from mass phishers. An effective e-mail from a spear phisher might perfectly emulate the style, design, content and tone of an organization’s newsletter. It takes a vigilant user with a trained eye to weed out hacking attempts in a spear phishing scenario.
Spear phishers also zero in on targets that they know are valuable. Sometimes, they focus on average users, relying on human error to expose the weakest link in a corporate network. In other cases, they go straight to the top, looking to snag the biggest fish possible.
Whether it’s on a mass scale or laser-focused, phishing can wreak havoc on your personal and professional life if you’re not careful. Remember that most organizations will never ask for your personal information via text or e-mail. Links to external websites should also be a red flag. Be wary of what you click and always err on the side of caution. If something looks even a little suspicious, it’s always better to be safe than sorry.
[button url=”http://bit.ly/TC4ADq” icon=”arrow-down” color=”green”] Download from Google [/button][button url=”http://www.amazon.com/PerSysTek-RecordVault/dp/B00BHLAALA/ref=sr_1_1?s=mobile-apps&ie=UTF8&qid=1366140098&sr=1-1&keywords=recordvault” icon=”arrow-down” color=”green”] Download from Amazon [/button]