Spear Phishing – What you need to know

Online security is an issue which isn’t going away.

Whether it’s the FBI accusing China of nationwide data hacks, or individual users of Tesco’s online banking system suffering losses totalling £2.5 million, cyber threats are an ever-present in our lives and as an IT support provider, it is our responsibility to address these as quickly and effectively as possible.

We’re in an ongoing conversation with our customers about what can be done to reduce the risk to their business, and we make it our duty to provide education along with technical recommendations to ensure they are well prepared and well positioned to deal with an online assault. The most important part of any organisation is its people, and hackers often target those people, rather than the systems of a business, to try to gain access to the information they’re after.

The most common threat we are seeing to our customers at the moment is a spear phishing attack. These attacks are a method of extracting user credentials and then using the same credentials to obtain information from other sources. The danger of spear phishing is born out of people tending to use the same usernames and passwords for the majority of the sites they access, and the reason for its success is the difficulty in establishing a fraudulent email when it lands in your inbox. For example, an email which appears to be from Google asking you to log-in to your account to access a document would likely be accepted by any person with a Google account. We’re often very busy and wouldn’t think twice about following the instructions given to us. The issue is, when the email you’ve received is not actually from Google and you hand over your credentials, you are effectively opening the door to information which you store in a range of other areas.

At the moment, it’s difficult for a firewall or any other defensive technology to differentiate in the case of phishing emails. Whereas in times gone by, there would be enough of a difference in genuine and malicious emails for a firewall to block the malicious one, hackers are becoming more sophisticated and malicious emails are finding their way through firewalls and email filters and landing in people’s inbox. From here, the only thing standing in the way of the hacker and their goal is the person who the inbox belongs to.

It is incumbent on every user of corporate or personal email to be aware of the risks that they are faced with today. Email is the most common entry point of targeted attacks, and our customers find themselves right in the firing line as more than half of 2015’s phishing attacks are targeted at SMEs. Thankfully, there are steps you can take to make it far less likely that you will become a victim of a spear phishing attack.

There are common signs in malicious emails that you should look out for:

– Misspelled email addresses indicating that the sender isn’t really who they say they are
– Poorly written or badly formatted text which doesn’t display properly on your screen
– Emails asking you to click on text links rather than image links as major corporations like Google usually do
– Unfamiliar web addresses when you visit the page you’ve been asked to visit
– Additional information requests which you are not used to, such as ‘Home Address’ along with ‘Username’ and ‘Password’

The nature of today’s online hackers means that there is no one size fits all solution to cyber threats. Targeted attackers are well informed and heavily researched, and they invest hundreds of hours in developing methods to break into your systems. If you as an individual, and the business you represent, are not prepared to take the steps to negate their sophisticated approach, then unfortunately the risk of you falling foul of a data breach will go up. We wholeheartedly believe in the use of the latest firewalls, email management systems and network monitoring to give you the best possible chance of avoiding data loss or infiltration. However, hackers are not so much targeting technology as they are targeting people, and being aware of the risks and knowing what to look for whenever you receive an email asking you to hand over information will go a long way to protecting you against even the most brutal of attacks.

Topics: Cyber security

Written by: Jacob