SME’s and their networks are consistently targeted by a wide variety of threat actors and cyber criminals looking to steal information.
Cyber criminals are technologically savvy, vulnerability conscious, and aggressively agile. They train on how to target you! A successful intrusion can quickly lead to the loss of data integrity and confidentiality. Employees are privy to important and sensitive information, and as a result, often receive malicious emails that are intended to provide cyber intruders access to this information. Because you care, it would only be responsible as a company and for your employees to be aware of the threats and take care to ensure that organizational information is protected and secure.
What Is Phishing?
It is the act of sending mass emails which appear to be from legitimate sources, but contain infected attachments or malicious links
What Is Spear phishing?
Though similar to phishing, it is a tactic threat actors use to send socially-engineered emails to specifically target individuals or groups based on their personal characteristics, interests or lines of work.
Spear phishing is effective because phishers create emails that seem genuine. They contain company logos or trademark information, the subject line is relevant, the message is pertinent. Given receivers’ desire to trust, it is easy for them to believe that these emails are legitimate and click on the links or open the attachments.
Malicious software can be contained in attachments such as PDFs, photos, office documents, as well as Web links that seem legitimate. Spear phishing creates opportunity for cyber compromises in any organization.
Who Is A Target?
Everyone can be a target of phishing and spear phishing emails. Those more commonly targeted include the following individuals:
How Can You detect spear-phishing emails?
Though spear-phishing emails can be hard to identify, here are a number of proactive ways to avoid falling prey to them and triggering a cyber-incident. Before opening attachments or links embedded within an email, take the following steps: