Recently a cyber attack using spear phishing was avoided by Comodo’s Comodo Threat Research Labs. So today we will be covering all aspects of this common type of phishing and how you can keep your assets safe.
Spear Phishing targets a specific organization or individuals, seeking access to sensitive information. This information, which may be usernames, passwords, or bank account details, is then used by the “phisher” in a malicious way for personal gain. Spear phishing often involves the attacker gathering personal information about the victim from searching through their social media pages to foster a sense of trust with their victim and tailoring the email to the specific target. This increases the probability of success of the attack.
What is Spear Phishing?
Spear phishing used to work by the criminals simply sending an email pretending to be a legitimate organization that the victim trusted. The email would contain a message informing them that there was something wrong with their account and direct them to log in via a link embedded in the email. This link would redirect the victim to a fraudulent website. The email may also contain a malicious attachment which harbored malware. The victim would be instructed to input their login information as normal on the fake website, and that data would be collected by the phisher.
As internet users have become more aware of the potential threat posed by phishing, the criminals have had to craft emails which are more convincing replicas of the real deal. Many phishers have now designed emails which are virtually identical to legitimate emails to the untrained eye. Furthermore, the websites to which the emails redirect have also increased in complexity, increasing the probability that the potential victim will be fooled into giving away their valuable data.
What do Spear Phishing attacks look like?
In regard to the link embedded in the email, link shortening is a common way of directing victims to a malicious website. There are many services online which perform this service, such as Bitly. Victims then have no way of knowing if the shortened URL directs them to the legitimate website or to one created by the phisher.
Spear phishers have also become increasingly good at bypassing the security measures inbuilt to an email inbox. When sending the email, phishers may bypass email inbox filters by rendering all or part of their message as an image. Filters are designed to pick up on phrases which are common to phishing emails. In image form, phrases used in the email are therefore not picked up by the filter, so the email reaches the potential victim’s inbox.
The easiest way to avoid being misdirected to a fake website is not to follow the link embedded in an email. Simply search for the website in question in a new tab, and login through that website. If there really is something wrong with your account, you shall be informed on login. Furthermore, familiarising yourself with common phrases used in phishing emails (such as being addressed to “our valued customer” instead of your name/username) can help protect yourself against scams which have made it past the email filters.