What is Spear Phishing and how to avoid it?

[CyberSecurity Blog Series] Spear Phishing

What is Spear Phishing and how to avoid it?

What is Spear Phishing?

Spear Phishing is a form of Social Engineering. It may be defined as ‘highly targeted phishing aimed at specific individuals or groups within an organisation’.

Due to the amount of information that can be found freely with just a little digging around online from sites like LinkedIn, Facebook and company’s own websites it is possible to add convincing details to Phishing scams. Spear Phishing emails, for instance, may refer to their targets by their specific name, rank, or position instead of using generic titles as in broader phishing campaigns.

This type of scam is now becoming much more abundant, a 2016 Verizon Data Breach Report states that over 80% of malware infestations are delivered in this targeted way.

Security tips

  • Verify the request. Make a call to the genuine sender, ask if they have sent you an email and what it was.

  • Question all email requests. Avoid responding to the request, do not give any information in reply.

  • Have protocols for accounts teams to follow before issuing payments

Being aware of the types of cyber scams is the best way to prevent being a victim. Test your knowledge in our 10-question Quiz “Are you the weakest link?” to see your ability to stay safe in today’s tech-driven world.