What is spear phishing?
Spear phishing is defined as the fraudulent practice of sending emails ostensibly from a known or trusted sender to induce targeted individuals to reveal confidential information.
As the name would suggest, spear phishing is a type of phishing attack targeted at a small group or individual. Whereas phishing attacks are broad and apply to many people, spear phishing emails are focused on a particular individual following in-depth research into the target.
A spear phishing email might, for example, mimic an unpaid invoice from one of the target's real suppliers so that the attacker can profit from the deception. By matching the look of the supplier's genuine invoice emails, and typically by quoting "updated" bank details, the attacker hopes to fool the recipient into paying funds into the attacker's account rather than the legitimate supplier's.
Spear phishing threats
Spear phishing attacks are increasing year on year, and they are becoming not only more common but also more sophisticated.
According to the FBI, Business E-mail Compromise (BEC) schemes which are a form of spear phishing continued to be the costliest for businesses in 2020: 19,369 complaints with an adjusted loss of approximately US$1.8 billion. Broader phishing scams were also prominent: 241,342 complaints, with adjusted losses of over US$54 million. The number of ransomware incidents also continues to rise, with 2,474 incidents reported in 2020. The data for 2021 has yet to be released, but experts claim the phenomenon has been on an upward trend over the past few years at least.
Damage caused by spear phishing
The damage caused by spear phishing attacks is immense. Phishing is so widely used because it is simple and effective: the underlying principle is to trick a human into doing the attacker's job for them. This is cheap and drastically reduces the time the attacker has to spend. The alternative, gaining access and deploying malware by exploiting a vulnerability in the organisation's defences, is costlier, more complicated and slower.
Verizon's 2021 Data Breach Investigations Report (DBIR) states that phishing was involved in 36% of data breaches. Like the FBI, it also found BEC and phishing among the costliest causes of breaches, and it confirmed that phishing emails are one of the most common delivery vectors for malware.
Sadly, many employees are unable to detect sophisticated spear phishing attacks. Educating staff helps, but protecting the organisation also requires security controls that can identify and block phishing emails before they reach workers' inboxes.
What helps protect from spear phishing?
Spear phishing attacks are bespoke and targeted specifically at the recipient. This makes them extremely difficult for employees to detect compared to standard phishing campaigns. But don’t worry, there are many actions your organisation can take to protect itself against sophisticated spear phishing campaigns. Here is a selection of the best practices to follow:
- Educate staff
Training staff to spot the warning signs of phishing emails (an unexpected request, urgency, a change of bank details, a sender address that does not quite match the name) is key to managing spear phishing threats. Training cannot be the only control, though: a well-researched spear phishing email is built to pass exactly the checks staff are taught, so a simple, blame-free way to report suspicious messages matters as much as the ability to spot them.
- Email scanning
Spear phishing emails use an array of techniques to appear legitimate, the most common being spoofing the sender address. Security teams can halt many of these attacks by scanning inbound mail for indicators of phishing and blocking messages that show them. Enforcing SPF, DKIM and DMARC checks catches mail that forges a trusted domain outright; note that a look-alike domain registered by the attacker will pass those checks, so it needs separate detection (for example, comparing the sender domain against known suppliers after folding common character substitutions).
- Relationship monitoring
By building a graph of who normally emails whom, an anti-phishing solution can identify anomalous messages, such as a first-ever sender claiming to be a long-standing supplier or a known contact suddenly writing from a new domain, and flag the emails most likely to be spear phishing.
- Malicious URL detection
Spear phishing emails more often than not contain malicious URLs that direct recipients to pages designed to install malware or steal login credentials. Security teams should be able to block emails containing links to suspect URLs, and should check links at click time as well as at delivery time, because attackers frequently arm a URL only after the email has passed the gateway.
- Use MFA when you can
Using multi-factor authentication (MFA) is key to bolstering security in any organisation, because a phished password alone is then not enough to log in. Prefer phishing-resistant methods such as FIDO2/WebAuthn security keys or passkeys where possible: one-time codes and push approvals can be relayed by a real-time phishing proxy or worn down by repeated prompts, whereas a WebAuthn credential is bound to the legitimate site's origin and will not authenticate to a look-alike domain.
- Sandboxed attachment analysis
Phishing emails often include malicious attachments disguised as legitimate files. Sandboxed attachment analysis, which opens the file in an isolated environment and observes what it does, can detect malicious files and remove them before they reach an inbox. Sandbox-aware malware may stay dormant when it detects analysis, so sandboxing complements, rather than replaces, blocking risky file types such as macro-enabled documents and executables.
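The "Email scanning" and "Malicious URL detection" items above describe checks a mail gateway performs. The following is an added example, not RiskXchange's code or product logic, showing what a minimal version of those checks looks like in Python: a DMARC result check for outright spoofing of a trusted domain, a homoglyph fold that catches look-alike sender domains, a Reply-To mismatch check, and link inspection for anchor text that names one host while pointing at another or at a raw IP address. The trusted-domain list, the sample messages and every host and address in them are invented for this example; it also assumes the gateway stamps an Authentication-Results header on inbound mail.

```python
"""Constructed example: header and link triage for spear-phishing indicators.
Added for illustration; not RiskXchange's code or product logic. It assumes the
organisation keeps a list of trusted domains (TRUSTED_DOMAINS, made up here) and
that its mail gateway stamps an Authentication-Results header on inbound mail."""
import re
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_DOMAINS = {"example.com", "acme-supplies.com"}  # assumed, not real data


def canon(domain: str) -> str:
    """Fold common homoglyphs (0/o, 1/l, I/l, rn/m) so look-alikes compare equal."""
    return domain.lower().replace("rn", "m").translate(str.maketrans("01i", "oll"))


def domain_of(addr: str) -> str:
    return addr.rpartition("@")[2].lower()


class _Links(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
    def handle_data(self, data):
        if self._href:
            self.links.append((self._href, data.strip()))
    def handle_endtag(self, tag):
        if tag == "a":
            self._href = None


def triage(raw: str) -> list[str]:
    """Return the spear-phishing indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    from_dom = domain_of(parseaddr(msg.get("From", ""))[1])

    # 1. Outright spoofing of a trusted domain shows up as a DMARC failure.
    auth = (msg.get("Authentication-Results") or "").lower()
    if from_dom in TRUSTED_DOMAINS and "dmarc=pass" not in auth:
        findings.append(f"sender claims {from_dom} but DMARC did not pass")

    # 2. Look-alike domain: not on the trusted list, but folds to a trusted name.
    if from_dom not in TRUSTED_DOMAINS and any(canon(from_dom) == canon(t) for t in TRUSTED_DOMAINS):
        findings.append(f"look-alike sender domain {from_dom}")

    # 3. Replies diverted to a domain other than the visible sender's.
    reply_dom = domain_of(parseaddr(msg.get("Reply-To", ""))[1])
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")

    # 4. Links whose visible text names one host but point elsewhere, or at a raw IP.
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        parser = _Links()
        parser.feed(body.get_content())
        for href, text in parser.links:
            host = (urlparse(href).hostname or "").lower()
            if re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host):
                findings.append(f"link points at raw IP address {host}")
            if re.fullmatch(r"(https?://)?[\w.-]+\.[a-z]{2,}\S*", text, re.I):
                shown = urlparse(text if "://" in text else "http://" + text).hostname
                if shown and shown.lower() != host:
                    findings.append(f"link text shows {shown} but points to {host}")
    return findings


# Constructed sample messages (hosts and addresses are invented for this example).
SPOOFED = """\
From: "Acme Supplies Accounts" <accounts@acme-supplies.com>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=acme-supplies.com; dkim=none; dmarc=fail
Content-Type: text/html; charset=utf-8

<p>Please pay via <a href="http://203.0.113.7/pay">https://portal.acme-supplies.com</a></p>
"""

LOOKALIKE = """\
From: "Acme Supplies Accounts" <accounts@acme-suppIies.com>
Reply-To: payments@acme-invoice-desk.net
Authentication-Results: mx.example.com; spf=pass; dkim=pass header.d=acme-suppIies.com; dmarc=pass
Content-Type: text/plain; charset=utf-8

Our bank details have changed; please use the attached remittance form.
"""

CLEAN = """\
From: "Acme Supplies Accounts" <accounts@acme-supplies.com>
Authentication-Results: mx.example.com; spf=pass; dkim=pass header.d=acme-supplies.com; dmarc=pass
Content-Type: text/html; charset=utf-8

<p>Invoice at <a href="https://portal.acme-supplies.com/inv/4471">portal.acme-supplies.com</a></p>
"""

if __name__ == "__main__":
    for name, raw in [("SPOOFED", SPOOFED), ("LOOKALIKE", LOOKALIKE), ("CLEAN", CLEAN)]:
        print(name, triage(raw))
```

Running the module prints the findings for each sample: the spoofed invoice trips the DMARC, raw-IP and mismatched-link checks, the look-alike message passes every authentication check (the attacker owns that domain) and is caught only by the homoglyph fold and the diverted Reply-To, and the genuine invoice produces no findings. That second case is the point of the caveat above: SPF, DKIM and DMARC prove a message came from the domain it names, not that the domain is the one the reader thinks it is.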
Spear phishing protection
Spear phishing attacks are becoming more and more sophisticated and are more difficult to detect and block. Phishing attacks are a huge threat to corporate cybersecurity. Not only do they allow hackers to steal user credentials, but they can be used to steal money and plant malware on company systems.
So, what helps protect from spear phishing? Companies like RiskXchange are key to helping organisations around the world improve their cybersecurity defences. Not only can we help protect your organisation against a range of phishing threats, but we can also protect your company against sophisticated spear phishing campaigns and strengthen your overall cybersecurity defences.
Get in touch with RiskXchange to find out more about phishing emails and what helps protect from spear phishing.