
Spear Phishing – Targeting Organisations from Within

Posted by: Blog Author | Date: Jan 09, 2018 | Category: All, Brand Abuse, DMARC, Malware, Phishing, Security Awareness

Most people are aware of what phishing emails are and know not to click on links in them. You know the ones: they claim to be from a bank and warn you that your account has been compromised and that you need to “Click Here” to update your login details. We have all been told which signs might indicate that an email is a scam.

But what happens when the email arrives at work and is from your boss? Would you think twice about doing what is being asked of you? For most employees, the answer is “probably not.”

Spear phishing is a type of phishing email where the criminals have done their homework before launching their attack. They will have trawled the internet (LinkedIn, company websites, Facebook and anything else they can get their hands on) to find out as much as they can about the executives in an organisation, as well as the people who work in the payroll or IT departments. They then create fake but legitimate-looking email accounts in the executives' names and use them to email staff, requesting anything from network credentials to financial transactions.

In March 2016, staff members of a software company started receiving emails that appeared to come from their superiors, asking them to transfer funds to off-shore accounts unrelated to the business. FraudWatch International assisted the software company with this spear phishing issue through its Anti-Phishing and Brand Abuse services. Staff members could easily fall for these targeted emails because of their trust in the apparent sender: why would you question an authority figure asking you to do your job? Spear phishing attacks like this one can result in financial loss and security breaches, especially if the emails also contain links to malware.

Spear Phishing Email Example

This is a sample of the email their staff received. Identifying information has been redacted.

FraudWatch International was able to block the email addresses the scammers were using, which in turn deterred the criminals from targeting the company. It also stopped the criminals from receiving replies from internal staff who had fallen for the scam, and put a halt to any further emails from those addresses.

Spear phishing is not limited to a particular industry or even a certain type of employee. Fake payment requests, phishing and malware emails, or simply emails requesting information can all be sent very easily in an attempt to penetrate an organisation's last line of defence: its employees.

In response to the growing number of spear phishing incidents, FraudWatch International has developed a new product called Security Awareness. Security Awareness offers internal security awareness training, teaching staff the risks of online threats such as spear phishing emails and how to protect the company against them. This training helps individuals recognise suspicious emails and therefore reduces the risk of staff members falling victim to these attacks.

FraudWatch International also offers another service to help prevent spear phishing attacks, DMARC Protection. DMARC is an email validation and reporting system: a company publishes a policy for its domain, and receiving mail servers can then detect, and report back, when an incoming email claims to be from that domain without being authorised by it, i.e. when the domain has been spoofed. Together, these products and services give companies practical ways to combat spear phishing attacks.
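To make the DMARC check described above concrete, here is an added example (not FraudWatch International's code or product) that evaluates a constructed DMARC record against the SPF and DKIM results a receiving server would have; the record and all domain names are assumptions for the example.

```python
# Constructed DMARC record as it would be published in DNS at _dmarc.example.com
# (example.com is a placeholder domain, not one from the article).
DMARC_RECORD = "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc@example.com"


def parse_dmarc(record: str) -> dict:
    """Split a DMARC TXT record into its tag=value pairs."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.strip().split("=", 1)
            tags[key.strip()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    return tags


def org_domain(domain: str) -> str:
    """Organisational domain. Real receivers consult the Public Suffix List;
    this example assumes it is simply the last two labels."""
    return ".".join(domain.lower().split(".")[-2:])


def aligned(from_domain: str, auth_domain: str, mode: str) -> bool:
    """Strict ('s') alignment needs an exact match with the From: domain;
    relaxed ('r') accepts any subdomain of the same organisational domain."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def evaluate(record: str, from_domain: str, spf_domain=None, dkim_domain=None) -> dict:
    """spf_domain / dkim_domain: the domain for which SPF / DKIM passed (None if
    that check failed). A message passes DMARC when at least one of them aligns
    with the From: domain; otherwise the owner's requested policy 'p' applies."""
    tags = parse_dmarc(record)
    spf_ok = spf_domain is not None and aligned(from_domain, spf_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_domain is not None and aligned(from_domain, dkim_domain, tags.get("adkim", "r"))
    passed = spf_ok or dkim_ok
    return {"pass": passed, "disposition": "none" if passed else tags.get("p", "none")}


if __name__ == "__main__":
    # Genuine mail from the company's own server passes under relaxed SPF alignment.
    print(evaluate(DMARC_RECORD, "example.com", spf_domain="mail.example.com"))
    # A spoofed "executive" message: SPF passes only for the sender's own unrelated
    # domain, nothing aligns with the From: domain, so the receiver is asked to reject it.
    print(evaluate(DMARC_RECORD, "example.com", spf_domain="spoofer-host.invalid"))
```

Note that DMARC only covers messages that claim the company's exact domain; a lookalike domain the attacker registered themselves is not a spoof of that domain and will not be flagged, which is why the awareness training above still matters.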
