When It Comes To Spear Phishing: Don't Take the Bait!

Peerless Tech Solutions
June 25, 2019

Spam emails are perhaps the most common type of email attack. But, by now, many organizations can detect and screen spam emails from a mile away. Other than junking up your email inbox, they are generally harmless. Spear phishing emails are, however, dangerous and difficult to detect.

Spear phishing attacks appear as ordinary emails, but the email body contains a link or an attachment that serves as the bait. The main objective is to harvest some of your personally identifiable information (PII). Often the attackers have already done background research on your organization through social engineering, so they probably know your location, your bank or financial partner, and your major clients. Such details add a lot of credibility to a spear phishing email.

What are the dangers of spear phishing?

Statistics indicate that people open 70% of spear phishing emails compared to only 3% of spam emails. Additionally, 50% of users who open spear phishing emails go on to click the bait links within the email. That means that a campaign of 10 emails has a 90% chance of snaring a target. Brand impersonation accounts for about 83%, and these attacks impersonate renowned brands to harvest the target’s credentials and take over the account.

It’s not easy to tell that you are giving away sensitive data like bank accounts, work credentials, passwords, or security clearances to cyber criminals. Spear phishing is also a precursor to much more dangerous advanced attacks. Between 2014 and 2015, the top industries targeted were finance, public administration, retail, logistics, and services. A successful attack can cost your company an average of $1.6 million.

In 2014, over 100 financial institutions lost around $1 billion in the Carbanak Breach. According to Kaspersky Lab, the attackers used spear-phishing emails to infiltrate the banks’ intranet and infect machines with malware.

How to Prevent Spear Phishing

If you’re concerned about the risks of spear phishing attacks, you can make your environment more secure by taking the following measures:

1. Regularly update your systems with the latest security patches

Whether you’re running Windows or Linux, check frequently for the latest security patch releases. Both vendors regularly publish security patches to stay ahead of emerging threats, and there are always enough risks to warrant keeping your systems, and the employees who use them, up to date.

2. Encrypt sensitive company information

Cybercriminals are always preying on your sensitive data. With the right encryption tools, you can encrypt all the files you send to your systems, trading partners, remote locations, and cloud environments. That makes it difficult for third parties to read your data even if they manage to intercept it. Some of the things to encrypt include:

  • Hard drives
  • Passwords and security questions
  • Cloud storage
  • Internet browsing information (Mask IP address or use VPN)
  • Files (tax documents, audit reports, or business contacts)
  • External storage (external drives and USBs).

A managed file transfer solution can help you stay up to date with the latest encryption standards while making your data transfer seamless and easy to audit.

3. Use DMARC technology to detect spoofed emails

Today’s cybercriminals are more hi-tech than you would imagine. Did you know that emails received from addresses you know could turn out to be spear phishing attacks? If you regularly receive emails from clientA@company.com, you could easily assume that all emails from that address are safe to answer, right? Wrong. Attackers can spoof the “From” field of an email so that it appears to come from that address and send it to multiple employees. The spoofed emails often look real and can lead to successful spear phishing attacks across your organization.

Domain-based Message Authentication, Reporting & Conformance (DMARC) builds on DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) to check incoming emails against the records the sending domain publishes in DNS. If the email fails to match the sender’s records, the receiving system rejects it and reports the incident to an authorized security admin.
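The check described above is a decision the receiving mail server makes once SPF and DKIM have been evaluated: does either result pass, and does the domain it authenticated line up with the domain in the visible From header? The following is an added example, not code from the original article or from Peerless Tech Solutions, that evaluates that decision. It assumes the server has already produced the SPF and DKIM results, and the DMARC record is a constructed sample for the fictional domain example.com (real records are published as a TXT record at `_dmarc.<domain>`).

```python
# Added example (not from the original article): a minimal DMARC policy
# evaluator. Assumptions: the receiving mail server has already produced
# SPF and DKIM results, and the record below is a constructed sample for
# the fictional domain example.com.

# Constructed sample record: strict DKIM alignment, relaxed SPF alignment,
# reject policy, aggregate reports to a mailbox at the same domain.
SAMPLE_DMARC_RECORD = ("v=DMARC1; p=reject; adkim=s; aspf=r; "
                       "rua=mailto:dmarc-reports@example.com")


def parse_dmarc_record(txt):
    """Parse a DMARC TXT record into a tag dict, applying RFC 7489 defaults."""
    tags = {"adkim": "r", "aspf": "r", "pct": "100"}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1" or "p" not in tags:
        raise ValueError("not a valid DMARC record")
    if tags["p"] not in ("none", "quarantine", "reject"):
        raise ValueError("unknown policy: %s" % tags["p"])
    return tags


def organizational_domain(domain):
    """Approximate the organizational domain as the last two labels.
    Production code should use the Public Suffix List instead."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def is_aligned(header_from_domain, authenticated_domain, mode):
    """Alignment check: 's' (strict) needs an exact match, 'r' (relaxed)
    accepts any subdomain of the same organizational domain."""
    if not authenticated_domain:
        return False
    hdr = header_from_domain.lower().rstrip(".")
    auth = authenticated_domain.lower().rstrip(".")
    if mode == "s":
        return hdr == auth
    return organizational_domain(hdr) == organizational_domain(auth)


def evaluate_dmarc(header_from_domain, record_txt,
                   spf_result, spf_domain, dkim_result, dkim_domain):
    """Return (disposition, details). spf_domain is the envelope-from
    (MAIL FROM) domain, dkim_domain is the d= tag of a verified signature.
    The disposition is 'pass' when either mechanism passes AND aligns with
    the From header domain; otherwise it is the domain owner's requested
    policy (none / quarantine / reject)."""
    tags = parse_dmarc_record(record_txt)
    spf_aligned = spf_result == "pass" and is_aligned(
        header_from_domain, spf_domain, tags["aspf"])
    dkim_aligned = dkim_result == "pass" and is_aligned(
        header_from_domain, dkim_domain, tags["adkim"])
    details = {"spf_aligned": spf_aligned, "dkim_aligned": dkim_aligned,
               "policy": tags["p"]}
    if spf_aligned or dkim_aligned:
        return "pass", details
    # Failure: apply the published policy; details feed the reporting pipeline.
    return tags["p"], details
```

The point the example makes is that a passing SPF result is not enough on its own: a message whose From header says example.com but whose envelope sender domain belongs to someone else fails alignment and is handled according to the policy the domain owner published.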

4. Use multi-factor authentication

Multi-factor authentication (MFA) is a simple way to prevent unauthorized people from accessing your data. It requires two pieces of evidence to authenticate a login. For example, if someone gets hold of your password, they will still be prompted to prove their identity by entering a security code sent to your mobile phone. With only half the information they cannot compromise your data, and you also get a notification that something is amiss.
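What the server has to get right for that second step is easy to overlook: the code must be short-lived, single-use, compared in constant time, stored hashed rather than in the clear, and revoked after a handful of wrong guesses. The following is an added example, not code from the original article or from Peerless Tech Solutions, showing that server-side logic. It assumes the code is delivered by a separate channel through a `send()` callback (SMS, push notification), and the in-memory store stands in for a database or cache.

```python
import hashlib
import hmac
import secrets
import time

# Added example (not from the original article): server-side handling of the
# "security code sent to your phone" second factor. Assumptions: codes are
# delivered out of band via the send() callback, and the in-memory store
# stands in for a database or cache.

CODE_TTL_SECONDS = 300   # a code is only valid for five minutes
MAX_ATTEMPTS = 5         # guesses allowed before the code is invalidated


class OtpStore:
    """Holds pending one-time codes as salted hashes, never in plaintext."""

    def __init__(self, clock=time.time):
        self._clock = clock      # injectable so expiry can be tested
        self._pending = {}

    def issue(self, user):
        """Create a fresh six-digit code for user and return it for delivery."""
        code = "%06d" % secrets.randbelow(10 ** 6)
        salt = secrets.token_bytes(16)
        self._pending[user] = {
            "salt": salt,
            "digest": hashlib.sha256(salt + code.encode()).digest(),
            "expires": self._clock() + CODE_TTL_SECONDS,
            "attempts": 0,
        }
        return code

    def verify(self, user, submitted):
        """True only for the current, unexpired code, compared in constant
        time; a code is single-use and is discarded after too many guesses."""
        entry = self._pending.get(user)
        if entry is None:
            return False
        if self._clock() > entry["expires"]:
            del self._pending[user]
            return False
        entry["attempts"] += 1
        if entry["attempts"] > MAX_ATTEMPTS:
            del self._pending[user]
            return False
        candidate = hashlib.sha256(entry["salt"] + submitted.encode()).digest()
        if hmac.compare_digest(candidate, entry["digest"]):
            del self._pending[user]
            return True
        return False


def begin_login(store, user, password_ok, send):
    """Step 1: only a correct password triggers the second factor. The code
    goes out through send() and is never part of the login response."""
    if not password_ok:
        return "denied"
    send(user, store.issue(user))
    return "challenge"


def complete_login(store, user, submitted_code):
    """Step 2: a stolen password alone cannot get past this point."""
    return "granted" if store.verify(user, submitted_code) else "denied"
```

Because `begin_login` never returns the code, an attacker who holds only the password receives nothing usable from step 1, while the legitimate user receives the delivery on their phone, which is the "something is amiss" signal the paragraph above describes.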

5. Train your employees and implement spear phishing cautions

Identifying and reporting spear phishing attempts is a critical component of cybersecurity training. You can use phishing simulations for text messages, emails, and voicemails to improve risk awareness and identification. Additionally, you can configure your email system to tag all emails originating from outside the company and warn users before they click on any link.
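Tagging external mail is usually done in a filter that runs before delivery. The following is an added example, not code from the original article or from Peerless Tech Solutions, of that filtering step in Python's standard `email` library. It assumes a constructed set of internal domains (`example.com` and its subdomains) and a banner text of its own; the message samples are constructed as well. The sender check deliberately looks at the real address, not the display name, because a display name that itself looks like an internal address is a common lure.

```python
from email import message_from_bytes, policy
from email.utils import parseaddr

# Added example (not from the original article): tag inbound mail whose
# sender domain is not one of ours. Assumptions: the organization's domains
# are the constructed set below, and the function runs inside a mail filter
# (milter, transport rule, or similar) before delivery.

INTERNAL_DOMAINS = {"example.com"}   # constructed; subdomains count as internal

EXTERNAL_TAG = "[EXTERNAL]"
EXTERNAL_WARNING = (
    "CAUTION: This email originated from outside the organization. "
    "Do not click links or open attachments unless you recognize the sender "
    "and know the content is safe."
)


def parse_message(raw_bytes):
    """Parse raw RFC 5322 bytes into an EmailMessage (modern email API)."""
    return message_from_bytes(raw_bytes, policy=policy.default)


def sender_domain(msg):
    """Domain of the real From address, ignoring the display name."""
    _display, addr = parseaddr(str(msg.get("From", "")))
    return addr.rpartition("@")[2].lower().rstrip(".")


def is_external(msg, internal_domains=INTERNAL_DOMAINS):
    """A missing or malformed From domain is treated as external."""
    domain = sender_domain(msg)
    if not domain:
        return True
    return not any(domain == d or domain.endswith("." + d)
                   for d in internal_domains)


def tag_external(msg, internal_domains=INTERNAL_DOMAINS):
    """Prefix the subject, add a header that later filters can key on, and
    prepend the warning to the plain-text body. Internal mail is returned
    untouched, and tagging an already tagged message changes nothing."""
    if not is_external(msg, internal_domains):
        return msg
    subject = str(msg.get("Subject", ""))
    if not subject.startswith(EXTERNAL_TAG):
        del msg["Subject"]
        msg["Subject"] = "%s %s" % (EXTERNAL_TAG, subject)
    if "X-External-Sender" not in msg:
        msg["X-External-Sender"] = "yes"
    body = msg.get_body(preferencelist=("plain",))
    if body is not None and not body.get_content().startswith(EXTERNAL_WARNING):
        body.set_content(EXTERNAL_WARNING + "\n\n" + body.get_content())
    return msg
```

The `X-External-Sender` header is the piece worth keeping even if the visible banner is dropped: mail clients and downstream rules can act on it, and it gives incident responders a quick way to search for every external message a user received during an investigation.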

Brian Seeling JR, a Managing Partner at Peerless Tech Solutions, suggests adding a caution message to all emails sent from outside your organization. It could be something like:

Final Word

Spear phishing attacks happen on a daily basis. Although it is a serious security concern, it shouldn’t give you sleepless nights if you plan ahead, train your employees effectively, put in place foolproof security measures, and encrypt your data. Looking for more information to help you combat spear phishing threats? Contact us today and speak to one of our cybersecurity experts.

Need guidance on NIST SP 800-171 compliance anywhere from Washington D.C. to Southern Maryland? We're experts, specializing in NIST 800-171 compliance.
