Download the full research paper : Sphear-Phishing Email: Most Favored APT Attack Bait
Advanced persistent threat (APT) campaigns comprisea growing part of the current threat landscape. Some APT campaigns remain active, in fact, even after drawing extensive media attention. Campaigns’ routines may vary over time but their primary goal remains the same—to gain entry to a target organization’s network and obtain confidential information.
Spear phishing continues to be a favored means by APT attackers to infiltrate target networks. In a typical spearphishing attack, a specially crafted email is sent to specific individuals from a target organization. The recipients are convinced through clever and relevant social engineering tactics to either download a malicious file attachment or to click a link to a malware- or an exploit-laden site, starting a compromise.
While spear phishing may be a timeworn technique, it continues to be effective even in today’s Web 2.0 landscape. In 2011, security firm RSA suffered a breach via a targeted attack. Analysis revealed that the compromise began with the opening of a spear–phishing email.That same year, email service provider Epsilon also fell prey to a spear-phishing attack that caused the organization to lose an estimated US$4 billion.
This research paper presents Trend Micro findings on APTrelated spear phishing from February to September 2012. We analyzed APT-related spear-phishing emails collected throughout this period to understand and mitigate attacks. The information we gathered not only allowed us to obtain specific details on spear phishing but also on targeted attacks. We found, for instance, that 91% of targeted attacks involve spear-phishing emails, reinforcing the belief that spear phishing is a primary means by which APT attackers infiltrate target networks.
Like it? Add this infographic to your site: 1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).