Security News > 2020 > January > 5 tips to avoid spear-phishing attacks
As you can imagine, the way the hackers got in is supposed to have been by means of phishing attacks.
The good news is that most of us have learned to spot obvious phishing attacks these days.
The bad news is that you can't reliably spot phishing attacks just by watching out for obvious mistakes, or by relying on the crooks saying "Dear Customer" rather than using your name.
You need to watch out for targeted phishing, often rather pointedly called spear-phishing, where the crooks make a genuine effort to tailor each phishing email, for example by customising it both to you and to your company.
DO CONSIDER PHISHING SIMULATIONS. Products like Sophos Phish Threat can expose your users to the sort of tricks that spear-phishers use, but in safety so that if they do fall for it, no real harm is done.
News URL
https://nakedsecurity.sophos.com/2020/01/17/5-tips-to-avoid-spear-phishing-attacks/
Related news
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)