Cyber Threats: Spear Phishing Attack

 

Cyber Threats: Spear Phishing Attack

spear phishing attack

A Spear phishing attack is among the most popular entry points of
cybersecurity breaches. According to a report from Trend Micro, 91% of cyberattacks are initiated by a spear phishing email. A spear phishing attack requires advanced hacking skills and are very hard to detect because they typically rely on the end-user’s opening a file in a personal, targeted email.

There are two methods of spear phishing: “spray and pray” and targeted attacks. In a spray-and-pray attack, an email is sent out to many people within an organization containing a link that some might click on. Targeted attacks are very effective and dangerous because the attacker finds exactly who, within an organization, has access to the information they are looking for and sends a custom email just to that person. Acting as a trusted colleague, friend or company with a- seemingly- harmless attachment or link, users often allow a hacker to create a back-end or sends the receiver to a malware site by downloading said link/attachment.

Trend Micro reports that the most commonly shared file types (XLS, PDF, DOC, DOCX and HWP) account for 70% of spear phishing attachments. This shows how a spear phishing attack is even harder to detect. The report goes on to say that 94% of targeted emails use a malicious file attachment over malicious links.

The most commonly targeted industries of spear phishing attacks are government agencies and activist groups- likely for similar reasons. Government officials and activist leaders typically have contact information and background information readily available to the public, making them easy targets for spear phishing con-artists. Heavy equipment, aviation, and financial organizations are next on Trend Micro’s list of most targeted industries. You can read the full report from Trend Micro here.

To learn about Brute-force Cracking, see last week’s Cyber Threat!

Spear-fishing Attack Case Study: LinkedIn

LinkedIn is widely discussed in the cybersecurity industry as being a gold-mine for the hacker’s tool-kit. With over 433 million members, with an overwhelming population of business people, all disclosing their names, where they work, who they work with and- often- their email addresses, why wouldn’t a hacker leverage this tool to launch a spear phishing attack?

In 2012, LinkedIn was the victim of an attack compromising upwards of 117 million user records. Kapersky Lab has been a forerunner of keeping LinkedIn aware and on their toes about data breaches (having given them warnings about their vulnerabilities in the past) and just a few months ago came out with some literature about how users can better protect themselves from having their information put in the wrong hands. You can read their tips about how to protect yourself on LinkedIn here.

Four years later, in May 2016, the attackers from 2012 resurfaced with threats of using the information gathered in the previous breach. As a form of warning- or maybe just gloating- the attackers hacked into the social media accounts of two social media giants: Mark Zuckerberg and Dick Costolo. Nothing drastic happened, they just logged into their social media accounts and started posting fraudulent posts on their respective walls, pages, etc. The pair were able to detect the breaches fairly quickly with no irreversible damage perceived. It is believed that these breaches were results of the 2012 LinkedIn hack.

The key take-away from this breach is: being a high-profile, tech-savvy individual doesn’t safe-guard you. Everyone is at risk of a cyberattack. Be present when interacting online and be clever about protecting your data. According to regional director for Microsoft, Troy Hunt, Zuckerberg’s breach was the simple product of a flimsy password. Hunt also has a site where anyone can see whether their accounts have been compromised. You can check out your accounts on his site here and read more about the Zuckerberg/Costolo attack here. Another resource for better understanding how hackers utilize LinkedIn can be found here at SecureList.com.

Defenses against Spear-Phishing Attacks

When dealing with a spear phishing attack, the best line of defense is comperehensive awareness training. Often times, companies that are hit with spear phishing attacks are confident in their anti-virus, anti-malware and other cybersecurity softwares and technologies, but manager end-points were not so secure. Just like regular phishing attacks, the first line of defense is to remove administrative privileges. This is a quick way to secure a network, control a breach and be able to successfully mitigate the attack.

Spear phishing attacks typically target decision makers within a company. Often pretending to be a trusted colleague, friend or partner company- owners, managers and administrators need to be thoroughly trained and taught about “tells” in these cleverly malicious messages. Aside from awareness training, there are a number of technologies which can greatly decrease chances of a spear phishing email coming through and being entertained.

The Ultimate Product Tool Kit (for defense against spear-phishing):

  1. End-user Security Awareness Training Program
  2. Risk and Vulnerability Assessment
  3. Patch Management of OS and Third-party Applications
  4. Managed Antivirus
  5. Web Protection
  6. Managed Online Backup

Learn how to detect and mitigate cyber threats with our Cyber Threat Detection and Mitigation Certification Training Course!

Start your FREE trial today!

Cyber Threat Detection and Mitigation

CyberTraining 365 is an online academy that offers nearly 1,000 hours of relevant and cutting edge cyber security training. Our training provides the most in demand industry certification prep courses including EC-Council, CompTIA, (ISC)2 and Cisco; all taught by leading cyber security experts. All of our offerings are aligned with the national initiative for cyber security education (NICE) and ensure the most up-to-date information for this constantly shifting field. With engaging content in a scenario-based format, CyberTraining 365 uses bite-sized micro-learning methodology ensures learners are not overwhelmed with information. On Demand LMS platform has white-label capabilities ideal for internal training purposes.

 

3 thoughts on “Cyber Threats: Spear Phishing Attack

  1. miód manuka

    Hi,

    I have read 4 articles on your blog – all of them are very helpfull.
    I added blog.cybertraining365.com to favourite websites.
    What do You think about Brexit? Are You proponent or oponent?

    Regards!
    name

    Reply
    1. admin

      It’s a risky move for various reasons and will require some strategy for them. Infosec has a pretty good article about the complications regarding Brexit and cybersecurity.

      Reply
  2. Speed Rank Seo

    After reading your blog post I browsed your website a bit and noticed you are not ranking nearly as well in Google as you could be. I possess a handful of blogs myself and I think you should take a look at speed rank seo, just search it on google. You will find its a very nice tool that can bring you a lot more visitors. Keep up the quality posts

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *