02.25.15

Spear Phishing

This is one of many techniques that cyber criminals use.

The most useful tools for spreading and attacking are malicious emails and websites.

Affected people are tricked by very efficient social engineering to open and read malicious emails. Sophisticated social engineering tricks are used to make people click on malicious links within emails and to make people execute attachments. Sometimes, these attachments are packed within password protected archives such as ZIP and RAR and the receiver of the email tricked to extract the malicious files using password (written within email body) and execute it.

1

The goal of all these frauds is to steal sensitive information from affected system and about the system owner. Sometimes, these attacks don’t have specific target and cyber criminals want to steal banking credentials and other money relegated data. But sometimes, the attackers know against whom they operate.

So, this is exactly how it goes in real fishing: A fisherman with fishing-rod doesn’t try to catch specific fish, but fisherman by spear is like a hunter, he chooses his target first and then strikes at it.

That’s why computer security engineers call attacks with no specific target – phishing and if the target is specific – we call it spear phishing.

22

Spear phishing techniques are most successful from all stealing cyber data techniques.

Using these frauds, cyber criminals usually attack organizations, companies and other public and official targets.

Most dangerous and sophisticated attacks are sponsored by organizations or even governments. Then single employee of targeted organization may do a mistake and it may cost very high price for business and sometimes even for countries.

Spear phishing attackers choose the target first, and then they better have some inside information about a target, for example, email addresses, names, type of business etc. This information will help the attackers to build successful fraud that between things will make people believe

  • That the emails are from trusted sources and are safe
  • That the links are safe and will connect to legal websites
  • That the information they give away will be received by trustful destinations
  • That the attachments are legal tools that will perform desirable operations
  • Etc

For these targets everything goes: the usage of official logos and other pictures, spoofed email addresses and names etc.

Although spear phishing is usually designed to harm specific target, sometimes, some third-side systems can also become a victims. For example, if malicious email will be forwarded or malicious files will be copied (moved). This way, anybody can be affected.

Email filters, URL filters and Anti-Virus programs must be always updated and will attempt to protect systems from spear phishing threats.

Anyway, good education is to be aware of these threats. We must know that they exist and any email, file and website may be bogus and malicious, so we must use common sense before we perform any action to apply remote requests (for example).