[CyberSecurity Blog Series] What is Spear Phishing and how to avoid it?

[CyberSecurity Blog Series] What is Spear Phishing and how to avoid it?

What is Spear Phishing?

Spear Phishing is a form of Social Engineering. It may be defined as ‘highly targeted phishing aimed at specific individuals or groups within an organisation’.

Due to the amount of information that can be found freely with just a little digging around online from sites like LinkedIn, Facebook and company’s own websites it is possible to add convincing details to Phishing scams. Spear Phishing emails, for instance, may refer to their targets by their specific name, rank, or position instead of using generic titles as in broader phishing campaigns.

This type of scam is now becoming much more abundant, a 2016 Verizon Data Breach Report states that over 80% of malware infestations are delivered in this targeted way.

Security tips

  • Verify the request. Make a call to the genuine sender, ask if they have sent you an email and what it was.

  • Question all email requests. Avoid responding to the request, do not give any information in reply.

  • Have protocols for accounts teams to follow before issuing payments


[CyberSecurity Blog Series] What is Social Engineering?

[CyberSecurity Blog Series] What is Social Engineering?

What is Social Engineering?

When the term ‘Social Engineering’ is used in the context of cybersecurity, or cybercrime it is a generic term for any attempt to have an end user assist the perpetrator by having them do something. Outside of the cyber realm this would be better known as conning (confidence trick) or scamming somebody.

Social Engineering attacks are identified by the Interpol as one of the world’s emerging fraud trends with reported loss has been doubled to 1 billion dollars in 2015.

What are the common Social Engineering attacks?

Cybercriminal using Social Engineering are a definite threat to today’s businesses, from the local pizza shop to the Fortune 500. However, a little bit of education and the right solutions go a long way. Make sure your employees understand what to watch our for and you can avoid a lot of headaches.
There are ways to protect your business against Social Engineering attacks. Download our ebook “A Quick Guide to today’s cyber threats” and you will learn about the current trends in security threats, be able to identify vulnerabilities, and protect your data against these threats.

million (£) loss in 2015 due to Social Engineering fraud