Spear Phishing: The Catch Is Worth It

Aug 14, 2013

Tags: , , ;

cyber criminalCybercrime is skyrocketing. In the first six months of 2012, about $700 billion was stolen from phishing scams. That’s roughly 33,000 monthly attacks.  Cybercriminals have honed their skills to target, attack, and retrieve information they need to pilfer individuals and companies.

In cybercrime, spear phishing is becoming the method of choice.  It "consists of a phony, but authentic-looking, e-mail designed to target a particular individual or organization, in an attempt to 'fish' out valuable information for financial, business or military gain—it differs from traditional phishing attacks in that it is not typically initiated by indiscriminate hackers, but rather is more likely to be conducted by criminals out for financial gain, trade secrets or military information."

Spear phishing thrives on persistency. Cybercriminals attack until they obtain the desired information. How do they target consumers? It begins by gathering information from public posts on social networks and other data collected through breaches. By so doing, the emails sent to unsuspecting victims appear legitimate and reliable.

Cybercriminals want consumers to click on links that re-direct them to websites that have been spoofed and are infested with malware. It is here that they ensnare their prey by requiring an entry of personal information such as account passwords and usernames, but mostly bank accounts.

The founder of Knowbe4, Stu Sjouwerman, suggests that it's best to prevent loss rather than to attempt recovery of data.

The first preventative measure you should take must begin with social media posts. Simply being too casual about the information you broadcast could make you a target among cybercriminals. It could even lead to identity theft. Once you're in their playing field, it's hard to discern the counterfeits.

Cybercriminals target those that give out their personal information freely; they are naturally the easiest targets. What can you do to protect your family?

  1. Talk with your family members about the consequences of sharing too much information online.  Consider each post on a social network to be copied.
  2. Social network monitoring software can assist a parent in tracking the things teens post on Facebook, Twitter, and other sites. At the third-party review site, Top Ten Reviews, there is a list of products that assist in monitoring Facebook use. We also recommend using Net Nanny Social.
  3. Parents should reiterate with their kids that when posting on a social network site, it’s important not reveal location, name, address, phone number, social security number, etc.

I work for Net Nanny and all my opinions are my own.