Categorizing The Recent Spear Phishing Attacks For Effective Cybersecurity Awareness and Training
In today’s digital age, Advanced Persistent Threat (APT) attacks are becoming commonplace in the business environment. Spear phishing is the most commonly used vector for this sophisticated malware, multi-vector, and multi-stage campaigns. It helps hackers gain long-term access to an enterprise’ sensitive networks, data, and assets.
Cybercriminals have understood that spear phishing is the perfect vehicle for a wide array of damaging exploits. They are increasingly targeting executives and other high-level employees, to install the malware in their systems. The malware gives adversaries unauthorized access into the organization’s network. Sometimes, hackers also transmit ransomware which encrypts the organization’s data. Adversaries then demand hefty payments from the management.
Characteristics Of A Spear Phishing E-mail
The reason for the success of spear-phishing attacks is their ability to by-pass traditional security checks. The personal details give the messages an air of validity. While looking for statistics to find out how common is spear phishing, we found out that 1 in every 25 branded e-mails is a phishing e-mail. The characteristics of a spear-phishing attack are:
- A sender’s e-mail address which is spoofed: The sender’s address completely disguises a trusted source. However, it is easy to spot typographical errors on closer inspection.
- A sense of urgency: Attackers incorporate a sense of urgency in the e-mails so that it becomes binding for the victim to take action. A hacker may pose as the victim’s direct supervisor, asking for the username and password to an internal application.
- There are typographical errors, poor grammar, or unlikely language in the body of the message.
Categorizing The Recent Spear Phishing Attacks
Spear phishing attacks take various forms, and we can classify the recent spear-phishing attacks into the following categories:
Account Verification Scam
Account verification scam is one of the most common types of phishing attacks. These e-mails look very genuine at first look as the hackers incorporate all the logos and text of a trusted brand. Most of the time the brands used are Amazon, Walmart, Facebook, Twitter, etc.,
The e-mail alerts the receiver that there are few issues with the account, and the user needs to fix them immediately.
It further adds that failure to do so will result in the account getting suspended. Once the victim falls for the trap and clicks the link in the e-mail, it redirects him to a spoof website that is cleverly designed to look authentic and gathers the details of the victim. Even though Google and other big players have released many articles on how to prevent phishing attacks, but still people fall prey to these scams.
Cloud-based file sharing websites have made sharing large files very easy for the users. Some of the popular file-sharing sites include Google Docs, WeTransfer, DropBox, Box.com, etc.
Phishers use these brands to trick users by sending spear-phishing e-mails disclosing that some files are waiting for them to be picked up. Unsuspecting users bite the bait and download the file, without knowing that it is a malware. Soon their computer gets infected with the malware and opens up unauthorized access to sensitive information for the hacker.
Package Delivery Scam
The recent scam in the list of spear-phishing examples is the package delivery scam that gets circulated during the holiday season. Hackers send targeted phishing e-mails that notify users about a package waiting to be delivered.
It’s the holiday season, and nobody rejects a gift. Curious users click on the link, hoping to see the contents of the package. The malicious e-mail asks the victim to provide some sensitive information that later sells in the grey market. Usually, these e-mails come disguised under the name of popular shipping companies like FedEx, DHL, UPS, etc.
Fake Invoice Scam
Cybercriminals choose various techniques to attack unsuspecting users, and most of the time, taste success because of the lack of awareness among the people. Fake invoice scam is another tactic used by phishers where e-mails alert users about an invoice pending on their behalf. Sometimes the e-mail also threatens users to get the invoice cleared or get their account suspended. Clicking on the fake invoice attachment will install malware, spyware, or a virus in the system.
These scams can be spotted frequently during tax season. Even the IRS has issued warnings to its taxpayers about how attackers use fake IRS e-mail addresses to trick them. Most of the time, these messages come with a subject like “Tax Reminder” that contains links to spoof websites.
As technology evolves, the tactics and methods used by hackers and phishers also change. To stop advanced targeted attacks, organizations need comprehensive spear phishing protection which addresses every stage of an attack and safeguards the business network against multiple threat vectors.
Join the thousands of organizations that use DuoCircle
Find out how affordable it is for your organization today and be pleasantly surprised.