Security experts seem at a loss for what to do against evolving threats which bypass all forms of protection. The past years has been a particularly difficult for many professionals who have admitted that hackers are moving fast to customize attacks. These days attackers are migrating towards specifically targeting their victims using email as bait. This tactic is known as spear phishing – a threat that has brought many organizations to their knees.

How does it work?

The target often receives an email that seems to be from a seemingly credible or familiar source. This is bait to get users to open the mail and typically requests some action or confidential information they can leverage such as providing usernames, passwords, credit card and banking account numbers; downloading and opening an attachment (typically .zip and .exe files); or perhaps even by simply opening the email itself and allowing an embedded script to run.  Spear phishing is a favorite of nasty hackers who don’t have to negotiate firewalls to access sensitive information. These emails appear so legit that even a high ranking security expert might open it without raising an eyebrow.

Spear phishing is on the rise simply because people are curious. Statistics show that 3% of the population opens their spam mail and in so doing 70% are victims of malicious activity. Anyone can be a target, and what is worrisome is that the hackers often have a reason why they want a specific user’s private data. Their goal is to use personal identifying information (PII) to hold someone hostage for one reason or another, typically for financial gain.

Increased risk

Trends like Bring Your Own Device (BYOD) have heightened the risk for companies that have little, if any, control over how employees use personal devices. To avoid spear phishing through an employee’s device, companies should encourage them to install scanning software that also prevents access to corporate servers. Attackers are taking time to study their targets before launching a scathing attack on them. This makes spear phishing attacks more difficult to avoid, but there are reliable ways to mitigating the situation.

How to deal with spear phishing

· Educate employees on how to avoid opening and acting upon unsolicited emails. Experts agree that people often fall victim to spear phishing because of careless browsing. Companies can protect themselves by instituting proper policies that limit access to certain sites that might compromise security.

· Keep all company systems current and backed with the latest spam filters to detect blank senders and malicious sites. Corporate data and emails can also be encrypted on users’ systems for further protection.

· Encourage employees to pay attention to little details like grammatical errors, mismatched email addresses, and spelling mistakes which are major indicators of phishing emails.

· Disable HTML messages or convert them to text only email. Use an SSL certificate to secure traffic to and from the corporate website. Monitoring website traffic helps create a virtual map of normal email patterns and quickly alerts IT when suspicious email is detected.

· Hover the mouse over an email sender’s address and any links to see if they match the displayed destination. Malicious links don’t usually match with the description listed in the email.

· Takes simple measures such as forwarding suspicious emails to the IT department and have them investigate.

Security training and clear rules

Security training and sound security policies are essential to staying ahead of adept hackers. Organizations must set clear rules on how employees should respond to strange emails and requests, but also layout guidelines on action steps to take upon receipt of malicious email. Teach employees the qualities of a good email and how to identify a bad one. Perform phishing attempts on workers so you know for sure that they can adequately handle themselves in the wake of spear phishing attack. Top tier email providers like Google, Yahoo, AOL and Microsoft rely on DMARC technology, the leading email authentication protocol, to stop suspicious mail before it reaches targets.

Whichever approach is taken, remember that employees have to be constantly trained about changing tactics of hackers. This keeps them informed how attackers might take advantage of their trusting and curious nature to gain access to information that risk losses for the entire company. Sometimes only a single click is needed to grant access to hackers, so companies must have well formulated plans on how to deal with breaches. Threats are changing so rapidly that it has become difficult to keep up with the pace of adequate security measures. Companies and individuals must take extra precaution to protect themselves and reduce the rate of attack.

Sources:

https://digitalguardian.com/phishing-attack-prevention-how-to-identify-avoid-phishing-scams

https://www.trellix.com/en-us/products/email-security.html

www.aosinc.com/news/3-easy-steps-to-protect-against-spear-phishing/

https://usa.kaspersky.com/resource-center/definitions/spear-phishing