Spear phishing is on the rise, but identifying these attempts can be challenging when they appear to come from someone you trust.
Last month, researchers at Fortinet observed a sophisticated phishing email sent to a Hungarian diplomat. In the email, cybercriminals disguised themselves by using the first and last name of an employee in the diplomat’s IT department. In this case, the diplomat believed that the email was suspicious and forwarded it to the actual employee in the IT department for investigation.
This case is a perfect example of a popular attack called spear phishing. Spear phishing attacks are targeted at a single person or department that has information that cybercriminals want. In these attacks, cybercriminals conduct research on the specific person or department and figure out who they talk to frequently. Then, the cybercriminals send a message to the person or department, pretending to be someone they know and trust. It’s important to watch out for these attacks because they can happen to anyone, not just diplomats or executives.
Follow these tips to stay safe from spear phishing attacks:
- Don’t open attachments or click on links in emails that you were not expecting.
- Check email headers to make sure you recognize the sender and any other recipients.
- Reach out to the person who allegedly sent the email by phone or in person. By reaching out to the alleged sender directly, you could save yourself and your organization from a potential spear phishing attack!
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.
