Spear phishing is an attempt to steal sensitive info such as credit card, financial, and banking info from a victim for malicious reasons.
The main difference between regular phishing is that the scammers disguise themselves as trustworthy entities or friends to steal sensitive information typically through an email. The trust factor makes it easier for the fraudster because the victim does not have their guard up as this appears to be a trustworthy person or entity to the victim.
This is the most common and successful form of accessing private and confidential information. Spear phishing accounts for 91% of all cyber-attacks. Phishing criminals are becoming more sophisticated with their tactics. They can spoof phone numbers, email addresses, and websites to look legitimate and fool even the most cautious of users. Spear phishers seek out victims for a variety of reasons.
For example, home-buyers are targeted in money transfer scams, with the phishers hacking into escrow company’s databases to steal the contact information of home-buyers. They pose as someone from the escrow company and request a wire transfer that seems to be legitimate.
Protect Yourself from Spear Phishing Attacks
Think Before You Share Personal Information
Always proceed with caution if a website asks for your personal information. Do not be impulsive, which by the way is a common trait of online phishing victims. Before you enter any information into a website, check your browser to make sure it’s reliable (look for the “s” in the https://).
Watch What You Post
Look at your online profiles from a fraudster’s point of view. How much personal information are you making available for the attackers to view and access? Pay attention to your privacy settings.
Don’t Open Strange Emails or Attachments
Before you open an email or attachment, look at it. Would your friend send you a word document with macros in it? If you are not expecting it, it’s better to avoid opening it ad rising programs that could capture your username and password.
Practice Password Safety
Change all your passwords regularly to protect your accounts. Use smart passwords, do not duplicate or reuse passwords. Make sure all accounts have different passwords that are not similar. Whenever possible, use two-factor authentication, (fingerprint) which makes it more difficult for someone to access your accounts.
Spear phishing has the same goal as regular phishing, but the attacker spends time gathering information about the victim first and then uses the information to personalize the spear-phishing attack which makes it much more difficult to detect and not as noticeable. Typically, spear-phishing attempts are not random and are mainly intended for financial gain, trade secrets, or military information.
Please remember to be logical and use caution on your social media accounts and other internet usages. If you suspect that you have been a victim of a spear-phishing attack, please contact Social Catfish to help you bring down the fraudster! Think before you act.