What is Spear Phishing and How Do I Protect Myself?

If you’re not aware of all the potential dangers you can fall victim to online it’s only a matter of time before the worst happens, whether you use antivirus software or not. Although spear phishing is a less common threat than malware the danger comes from the fact that such attacks are targeted at your specific vulnerabilities, making it much more effective.

Phishing – Sound Familiar?

One of the most widespread and well known scam methods to try to get a hold of sensitive personal information, banking info for example, is phishing.

Phishing mostly, but not exclusively, takes place via email. Scammers present themselves as trustworthy sources or companies, and try to persuade potential victims to hand over personal information like usernames, passwords, credit card and/or banking info. Scammers are ‘fishing’ for information, hence the term phishing.

A lot has been published about phishing, and people are often warned to be cautious of, and pay close attention to, phishing scams. It works in a fairly simple way:  a phishing email is sent out to a large group of people, without targeting anybody in particular. Sure, not everyone will respond, but sending out a large number of emails will generate enough responses to make it worthwhile.

To maintain the level of success of the phishing method, scammers need to come up with new methods, or new iterations of known methods. Once such spin-off is spear phishing.

Spear Phishing: Targeted Phishing

Phishing emails typically try to reach as many people as possible, but without actually targeting anyone specifically.

Spear phishing is a different ballgame, because this method does actually target specific groups, or even individuals.  Spear phishing emails are designed to appear to come from someone the recipient knows and trusts – a colleague, business manager or human resources department – and can include a subject line or content that is specifically tailored to the victim’s known interests or industry.

An estimated 91% of targeted hacking attacks fall into the phishing and spear phishing category. The reason why it is such an effective method, is that email is generally regarded as trusted traffic. That’s how it gets into the network, even if firewalls and other types of security software are active.

Phishing attacks work for the simple reason that an awful lot of people click on such emails, even when they are suspicious.

Spear Phishing Takes Thorough Research

Spear phishing is typically the type of scam that happens to people at their workplace.

A scammer gets your contact information, or the contact info of everyone in the whole company. That is where the preparation starts: scammers will take the time to inform themselves about your company and the people that work there – from the lowest rung all the way up to the management.

That way, they have the best shot of creating an email that will hit home and bring results. A typical spear phishing example would be an email from one authoritative person to another. If the scammer does a good job, there will be nothing weird or ‘fishy’ about the email.

The outcome of such an effort is generally the same as in regular phishing attacks: clicks to malicious content, submission of personal, sensitive info, and a lot of repairing and trying to save whatever’s left to save once the victim finds out what actually happened.

Assist Your Antivirus Software

Take your time to read emails and be aware of little hints that are ‘off’ – it can save you a lot of trouble as your antivirus software may not protect you against every attack.

Check out our latest recommendations for the best antivirus software – Protect your devices today!