Spear phishing emails constitute less than 0.1% of total email volume but are responsible for 66% of data breaches.
Spear phishing is a form of phishing that targets specific individuals or organisations. Instead of sending generic emails to a large group of people, attackers carefully research their victims and craft highly personalised emails to increase the likelihood of success.
Cyber criminals use a variety of tactics to gather information about their victims, such as researching an organisation’s online presence or analysing email signatures.
With this information, they can craft unique emails that appear to come from a trusted or legitimate source, such as a colleague or company with which the victim works.
These emails often contain a call to action, such as clicking on a link,downloading an attachment, by visiting a malicious URL or by opening an attachment this presents an opportunity for the hackers to infect your computer with malware. Furthermore, through spear phishing hackers often try to trick recipients to divulging login credentials or making fraudulent payments
To protect yourself from spear phishing, be wary of unsolicited emails, verify the sender’s identity, and implement Multi-Factor Authentication (MFA) onto all accounts.
You can also educate employees on identifying and avoiding spear phishing attacks. Conduct regular training sessions and simulate spare phishing attacks to test their knowledge.
For further guidance on how to stay safe against spear phishing attacks, please contact [email protected].
Sign up for our free core membership to stay up to date with the latest cyber security news and gain access to a wealth of handy online resources.
The NEBRC is a non-profit organisation that seeks to educate, inform, and support businesses across the UK on how to stay safe online through robust cyber security practices.
Sign up for our free core membership to stay up to date with the latest cyber security news and gain access to a wealth of handy online resources.
The NEBRC is a non-profit organisation that seeks to educate, inform, and support businesses across the UK on how to stay safe online through robust cyber security practices.