Cybercriminals are creating increasingly sophisticated scams to lure you into sharing your personal information with them. In this post, we talk about one of these threats, known as spear phishing. Keep reading to learn what it is and how to protect yourself and your business.
What Is Phishing?
Generally speaking, phishing occurs when criminals pose as a reputable institution or individual to get you to share personal information or take a risky action such as clicking on a malicious link or downloading a document infected with malware.
The most common way to deliver phishing messages is by email, although it’s not unusual to see criminals send text or social media messages as well.
These are some of the hallmarks of a phishing message:
- Cybercriminals use emotions such as fear, greed, or curiosity to get you to act the way they want you to.
- These criminals are also extremely skilled at creating emails and websites that look legitimate. Pay close attention to misspellings both in the body of the message and in internet addresses (for example if your bank’s address is www.usabank.com, criminals may create a malicious website with the address www.suabank.com).
- Phishing emails often include suspicious attachments which the sender urges you to download.
- Phishing messages often reference or pose as coming from legitimate institutions such as the National Center for Missing and Exploited Children.
What Is Spear Phishing?
Phishing is a social engineering technique with many different applications and sub-types.
One of the most dangerous varieties of phishing is known as “spear phishing.”
To use a metaphor, when criminals go “phishing,” they are casting a wide net. They usually send hundreds of thousands of emails and hope that at least a couple of recipients will take the bait.
On the other hand, when cybercriminals go “spear phishing,” they’re not casting a net but using a spear to skewer a specific fish: you.
In spear phishing, the communications (emails, text messages or social media messages) that criminals send are not generic, but specifically tailored to the victim.
In the most sophisticated cases of spear phishing, criminals first use a classic phishing attack to infect the victim’s computer with malicious software. This way, they can glean information to create messages that are extremely believable.
However, this isn’t always necessary. We live in such a connected age, that criminals can collect tons of details from social media platforms such as Facebook or LinkedIn (as a side note, this is a good reason to be careful about what you post online!)
Spear phishing attacks are hard to detect, and are wrecking damage even on the organizations that seem best prepared to deal with cyberattacks.
Being aware of this tactic and looking for the typical hallmarks of a phishing attempt (listed at the beginning of this article) are two of the most effective ways to ward off spear phishing.
Delgado’s Insurance: Affordable Renters Insurance in California
If you need insurance in the Golden State, look no further than Delgado’s Insurance.
We have locations in Riverside, California, and Bloomington, California. Get in touch today by telephone (951-361-0084, 909-421-9003), email (mail@delgadosinsurance.com), or through our social media accounts (Facebook, Twitter)!