Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/13/2014
12:00 PM
Rohyt Belani
Rohyt Belani
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Infographic: The Story Of A Phish

Are your employees like Troy, blissfully unaware of the dangers of spear phishing?

Spear phishing has gained wide acceptance across the security industry as the majority source of cyber-attacks. How do adversaries develop spear phishing emails? Attackers target specific organizations that offer information of strategic or economic value. Once a target organization has been identified, attackers will use social media and publicly available information to research employees of that organization to target with a spear phishing email.

Spear phishing typically targets lower and mid-level employees -- like Troy in the infograhic we developed at PhishMe, a security awareness training company -- instead of high-level executives or IT operators. The massive amount of information available on social networks gives attackers plenty of fodder to craft highly personalized emails, as is illustrated in Troy's story.

Spear phishing campaigns like this one can be used to execute drive-by attacks with a malicious link, drop malware on to the network with an email attachment, or gather login credentials through old-fashioned social engineering. Attackers can exploit zero-day vulnerabilities to bypass anti-virus measures and drop malware on to the target network, but they may also avoid malware altogether.

These emails will attempt to exploit emotions (such as greed, fear, or curiosity), spoof reputable organizations (like a recipient's bank), or reference current events to appeal to recipients. The sheer volume of emails being sent every day often allows spear phishing emails to slip past spam filters and into employee inboxes.

Like Troy, most recipients will open and read a spear phishing email within hours -- if not minutes -- of receiving it, allowing attackers to gain a foothold quickly in the target network and begin their operations. With cybercrime costing organizations an average increasing from $8.9 million to $11.6 million from 2012 to 2013, organizations can expect adversaries to continue carrying out cyber-attacks by targeting users through spear phishing.

How are you educating users about the dangers of spear phishing. Let's chat about it on the comments.

Gary Warner is one of PhishMe's elite cybercrime researchers, where his current research areas are malware analysis, social networks of cyber criminals, hate groups, and terrorists. Involved in cybersecurity since 1989, he began his career helping large organizations connect ...
View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
JrmeM921
50%
50%
JrmeM921,
User Rank: Apprentice
5/14/2014 | 1:29:22 AM
tetraupload.com
Tetraupload VPN 
This is why we must use a very good vpn like TetraUpload VPN  http://tetraupload.com  

Encrypt my data and secure my internet connection! 
Randy Naramore
50%
50%
Randy Naramore,
User Rank: Ninja
5/13/2014 | 4:03:35 PM
Re: Phish tale
Big point being, Phishers use social media to get information about users. This should be a lesson for all, don't put too much information on social media. 
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
5/13/2014 | 12:19:54 PM
Phish tale
"Troy's" story makes a strong case about how vulnerable employees are in the daily work grind of work, email and social media. It was interesting to me that 40 percent of cyber attacks were targeted  towards the utility industry. Are those phishing attacks or just attacks in general? 
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing Writer,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15820
PUBLISHED: 2020-08-08
In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.
CVE-2020-15821
PUBLISHED: 2020-08-08
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
CVE-2020-15823
PUBLISHED: 2020-08-08
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
CVE-2020-15824
PUBLISHED: 2020-08-08
In JetBrains Kotlin before 1.4.0, there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.
CVE-2020-15825
PUBLISHED: 2020-08-08
In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.