Security News > 2022 > May > Nothing personal: Training employees to identify a spear phishing attack
An increase in employee training and improved general awareness of cybersecurity has forced cybercriminals to change their tactics and take a more personal approach, known as spear phishing.
To stay in front of new phishing attack techniques, it's also essential that employees are equipped with all the knowledge they need to spot a potential phishing attack that goes undetected, including how attack content differs from legitimate emails.
Social media platforms such as LinkedIn can provide a range of information that allows cybercriminals to imitate colleagues and discuss recent company news - all adding to the realism of the spear phishing attempt.
An email-borne spear phishing cyberattack is designed to get the targeted recipient to act in the desired way - whether it's clicking a link, opening an attachment, giving up information in a reply, or performing a business-related action.
Regardless of whether malicious attachments or links are used, social engineering plays a significant role in spear phishing to convincingly fool the user.
One way for organizations to ensure their users can spot a potential phishing attempt is to implement security awareness training.
News URL
https://www.helpnetsecurity.com/2022/05/06/spear-phishing-cyberattack/
Related news
- Spear Phishing vs Phishing: What Are The Main Differences? (source)
- European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack (source)
- Need to Know: Key Takeaways from the Latest Phishing Attacks (source)
- Vishing, smishing, and phishing attacks skyrocket 1,265% post-ChatGPT (source)
- Hackers target FCC, crypto firms in advanced Okta phishing attacks (source)
- Hackers steal Windows NTLM authentication hashes in phishing attacks (source)
- Best of KB4-CON 2024: The State of Phishing, Hacking and Security Awareness Training (source)
- Flipper Zero WiFi phishing attack can unlock and steal Tesla cars (source)
- MiTM phishing attack can let attackers unlock and steal a Tesla (source)
- New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT (source)