Spear phishing is a phishing method that targets specific individuals or groups within an organization. It is a potent variant of phishing, a malicious tactic which uses emails, social media, instant messaging, and other platforms to get users to divulge personal information or perform actions that cause network compromise, data loss, or financial loss. While phishing tactics may rely on shotgun methods that deliver mass emails to random individuals, spear phishing focuses on specific targets and involve prior research.
A typical spear phishing attack includes an email and attachment. The email includes information specific to the target, including the target's name and rank within the company. This social engineering tactic boosts the chances that the victim will carry out all the actions necessary for infection, including opening the email and the included attachment.
Spear Phishing and Targeted Attacks
Spear phishing is typically used in targeted attack campaigns to gain access to an individual’s account or impersonate a specific individual , such as a ranking official or those involved in confidential operations within the company. Trend Micro researchers found that more than 90 percent of targeted attacks in 2012 were derived from spear phishing emails.
Spear phishing attackers perform reconnaissance methods before launching their attacks. One way to do this is to gather multiple out-of-office notifications from a company to determine how they format their email addresses and find opportunities for targeted attack campaigns. Other attackers use social media and other publicly available sources to gather information.
How to Defend Against Spear Phishing Attacks
No matter where you are in the organizational structure, attackers may choose you as their next spear phishing target to snoop inside an organization. Here are some best practices to defend against spear phishing attacks: