Security News > 2022 > May > Nothing personal: Training employees to identify a spear phishing attack
An increase in employee training and improved general awareness of cybersecurity has forced cybercriminals to change their tactics and take a more personal approach, known as spear phishing.
To stay in front of new phishing attack techniques, it's also essential that employees are equipped with all the knowledge they need to spot a potential phishing attack that goes undetected, including how attack content differs from legitimate emails.
Social media platforms such as LinkedIn can provide a range of information that allows cybercriminals to imitate colleagues and discuss recent company news - all adding to the realism of the spear phishing attempt.
An email-borne spear phishing cyberattack is designed to get the targeted recipient to act in the desired way - whether it's clicking a link, opening an attachment, giving up information in a reply, or performing a business-related action.
Regardless of whether malicious attachments or links are used, social engineering plays a significant role in spear phishing to convincingly fool the user.
One way for organizations to ensure their users can spot a potential phishing attempt is to implement security awareness training.
News URL
https://www.helpnetsecurity.com/2022/05/06/spear-phishing-cyberattack/
Related news
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)