5.25.22

Spear Phishing Scams

Spear phishing attacks are on the rise.

A popular attack that cybercriminals use is called spear phishing. In many of these cases they use an employee’s first and last name from a company and pretend to be them. For example, they could email the CEO and make it look like it’s coming from the CEO’s IT Department. If the CEO fell for the email and clicked on any links, downloaded any attachments or filed out any credentials it would go straight to the cybercriminals.

About this type of attack: Spear phishing attacks are targeted at a single person or department. Cybercriminals do extensive research to find out who this person or department talks to most often and poses as that person. They do this since the employee or department already has a trusting relationship with this person and are most likely to fall for it. These attacks can happen to anyone in a company it doesn’t just have to be an executive so make sure everyone is taking precautions. 

Tips:

  • Check email headers to figure out if you recognize the sender or not.
  • Do not open attachments or click on links from an email you weren’t expecting.
  • Always verify with the real person by reaching out to them by phone or in person.

Learn more tips like this and train your employees with our Security Awareness Training Program.