Security News > 2020 > January > 5 tips to avoid spear-phishing attacks
As you can imagine, the way the hackers got in is supposed to have been by means of phishing attacks.
The good news is that most of us have learned to spot obvious phishing attacks these days.
The bad news is that you can't reliably spot phishing attacks just by watching out for obvious mistakes, or by relying on the crooks saying "Dear Customer" rather than using your name.
You need to watch out for targeted phishing, often rather pointedly called spear-phishing, where the crooks make a genuine effort to tailor each phishing email, for example by customising it both to you and to your company.
DO CONSIDER PHISHING SIMULATIONS. Products like Sophos Phish Threat can expose your users to the sort of tricks that spear-phishers use, but in safety so that if they do fall for it, no real harm is done.
News URL
https://nakedsecurity.sophos.com/2020/01/17/5-tips-to-avoid-spear-phishing-attacks/
Related news
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- iOS devices face twice the phishing attacks of Android (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Low-tech phishing attacks are gaining ground (source)
- MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks (source)