THREAT OF THE MONTH: Blended spear phishing
Spear phishing is the use of cleverly crafted and targeted emails or social media messages designed to trick the user into performing an action such as clicking on a link or opening a file.
How does it work?
Attackers will send an email that is engineered to look legitimate and from a
trusted source. This email is designed to entice the user to open a file that contains a malware infection, or click on a link that will drive the user to a website.
Should I be worried?
Yes. Spear phishing is the leading source of successful infection found in the wild today. The technique's success ensures it will continue.
How can I prevent it?
Train your users to make them aware of the threat. Use cloud-based security tools to ensure users do not receive these targeted messages. Use multi-factor authentication to boost password security. Have a plan in place depicting what steps should be taken, should a user fall victim to an attack.
– Mark Parker, senior product manager, iSheriff
From the - March 2015 Issue of SCMagazine UK »