Security News > 2020 > January > 5 tips to avoid spear-phishing attacks
As you can imagine, the way the hackers got in is supposed to have been by means of phishing attacks.
The good news is that most of us have learned to spot obvious phishing attacks these days.
The bad news is that you can't reliably spot phishing attacks just by watching out for obvious mistakes, or by relying on the crooks saying "Dear Customer" rather than using your name.
You need to watch out for targeted phishing, often rather pointedly called spear-phishing, where the crooks make a genuine effort to tailor each phishing email, for example by customising it both to you and to your company.
DO CONSIDER PHISHING SIMULATIONS. Products like Sophos Phish Threat can expose your users to the sort of tricks that spear-phishers use, but in safety so that if they do fall for it, no real harm is done.
News URL
https://nakedsecurity.sophos.com/2020/01/17/5-tips-to-avoid-spear-phishing-attacks/
Related news
- Google raps Iran's APT42 for raining down spear-phishing attacks (source)
- How Phishing Attacks Adapt Quickly to Capitalize on Current Events (source)
- Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks (source)
- Cybercriminals exploit file sharing services to advance phishing attacks (source)
- Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America (source)
- CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait (source)
- How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (source)
- Novel attack on Windows spotted in phishing campaign run from and targeting China (source)
- Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks (source)
- Chinese national accused by Feds of spear-phishing for NASA, military source code (source)