{"id":17384,"date":"2018-04-23T19:00:35","date_gmt":"2018-04-23T23:00:35","guid":{"rendered":"https:\/\/www.psafe.com\/en\/blog\/?p=17384"},"modified":"2022-04-27T15:51:49","modified_gmt":"2022-04-27T19:51:49","slug":"dont-get-poked-by-spear-phishing-attacks-learn-hackers-methods","status":"publish","type":"post","link":"https:\/\/www.psafe.com\/en\/blog\/dont-get-poked-by-spear-phishing-attacks-learn-hackers-methods\/","title":{"rendered":"Don\u2019t Get Poked by Spear Phishing Attacks: Learn Hacking Methods"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">You may have heard the term before &#8211; phishing &#8211; when a hacker attempts to trick someone into giving up personal information. It\u2019s a scam that relies entirely on playing into our sense of trust and awareness. Phishing continues to be one of the most substantial online threats in 2018, and occurrences are growing at an alarming rate. But, what happens when attacks are so personalized they are impossible to tell real from fake?<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Increased personalization is <\/span><a href=\"https:\/\/www.infosecurity-magazine.com\/opinions\/everyonee-spear-phishing-target\/\"><span style=\"font-weight: 400;\">the goal of spear phishing attacks<\/span><\/a><span style=\"font-weight: 400;\">. Instead of sending out a collection of mass messages or spoofing an online campaign for stealing waves of user data, spear phishing is aimed at a specific target, which sounds unsettling. Such is the tip of a spear, sharpened and directly aimed at one fish in the pond. But how are these attacks carried out and who is at risk?<\/span><\/p>\n<p><b>Open Season for Spear Phishing<br \/>\n<\/b><span style=\"font-weight: 400;\">Spear phishing attacks are launched against a targeted individual or organization. When a business has been selected as the target, the hacker is looking to obtain industry secrets or put themselves in a position of financial gain.<\/span><\/p>\n<p><b>Read More: <\/b><a href=\"https:\/\/www.psafe.com\/en\/blog\/5-phishing-clues-to-look-for-in-emails\/\"><b>5 Phishing Clues to Look for in Emails from Your Contacts<\/b><\/a><\/p>\n<p><span style=\"font-weight: 400;\">The attack itself may start with a low-level employee: the hacker takes time to learn a bit about the person and their position. After their research is complete, the hacker sends a phishing email to coax confidential information or sensitive data, such as passwords, out of the individual.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Different from a standard phishing attack, a spear phishing email will address you by name and may claim to be from an internal department you\u2019re accustomed to dealing with. For example, \u00a0fake email may claim to be your colleague from IT asking that you confirm your information for the system. The dangerous aspect of spear attacks is how personalized they, customized for you &#8212; the hacker\u2019s target. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Always double <\/span><a href=\"https:\/\/www.sec.gov\/reportspubs\/investor-publications\/investorpubsphishinghtm.html\"><span style=\"font-weight: 400;\">check the email address in the &#8216;from&#8217; field<\/span><\/a><span style=\"font-weight: 400;\">. Does it truly originate from within your company or is the email address similar enough, but not quite right? The best defense in the workplace is to stay vigilant and notice where emails are actually coming from. Also, take a moment to have a discussion all the departments you work with, so you know what types of information they will never ask.<\/span><\/p>\n<p><b>Targets Go Beyond Businesses<br \/>\n<\/b><span style=\"font-weight: 400;\">You don\u2019t need to be an employee or a corporate CEO to be the target of a spear phishing attack. You may be unaware of the sensitive information stored on your personal devices and assume you aren\u2019t a worthy target of these types of attacks. Uh, not so. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">When it comes to regular people, spear phishing is more efficient than regular attacks. An attacker may obtain specific information about you such as your name, where you bank, and the contacts you trust. Are you friendly with your local banking repr? Now the hacker also knows this and can create a personalized phishing email that\u2019s aimed at stealing your account details. What\u2019s unsettling is it seems trustworthy &#8211; the email addresses you by name, it\u2019s signed by your banking rep, and they even know some of your details.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">One way to get started on securing your Android phone is to download a robust antivirus app such as <a href=\"https:\/\/app.appsflyer.com\/com.psafe.msuite?pid=Blog&amp;c=Dont_Get_Poked_By_Sprear_Phshng\" target=\"_blank\" rel=\"noopener\">dfndr security<\/a><\/span><span style=\"font-weight: 400;\">, which has an advanced anti-hacking feature. With the ability to alert you of phishing attempts and block potentially malicious links, an app like this can become your line of defense.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Whether you\u2019re on personal or work devices, be sure to check the \u2018from\u2019 field of emails to ensure they are originating from an actual trusted source. Basic practices should also be followed like not giving out any personal information or passwords to anyone. <\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>These phishing scams attempt to steal your sensitive data, but what happens when they&#8217;re so realistic they seem tailored directly to you?<\/p>\n","protected":false},"author":83,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","footnotes":""},"categories":[5],"tags":[301,259,249,67],"class_list":["post-17384","post","type-post","status-publish","format-standard","hentry","category-security","tag-app2","tag-hackers","tag-security","tag-smartphone"],"_links":{"self":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17384","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/users\/83"}],"replies":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/comments?post=17384"}],"version-history":[{"count":4,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17384\/revisions"}],"predecessor-version":[{"id":18095,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17384\/revisions\/18095"}],"wp:attachment":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/media?parent=17384"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/categories?post=17384"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/tags?post=17384"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}