Security News > 2022 > May > Nothing personal: Training employees to identify a spear phishing attack

An increase in employee training and improved general awareness of cybersecurity has forced cybercriminals to change their tactics and take a more personal approach, known as spear phishing.

To stay in front of new phishing attack techniques, it's also essential that employees are equipped with all the knowledge they need to spot a potential phishing attack that goes undetected, including how attack content differs from legitimate emails.

Social media platforms such as LinkedIn can provide a range of information that allows cybercriminals to imitate colleagues and discuss recent company news - all adding to the realism of the spear phishing attempt.

An email-borne spear phishing cyberattack is designed to get the targeted recipient to act in the desired way - whether it's clicking a link, opening an attachment, giving up information in a reply, or performing a business-related action.

Regardless of whether malicious attachments or links are used, social engineering plays a significant role in spear phishing to convincingly fool the user.

One way for organizations to ensure their users can spot a potential phishing attempt is to implement security awareness training.

News URL

https://www.helpnetsecurity.com/2022/05/06/spear-phishing-cyberattack/