What is spear phishing? Why targeted email attacks are so difficult to stop

A highly targeted form of phishing, spear phishing involves bespoke emails being sent to well-researched victims. It is hard to spot without close inspection and difficult to stop with technical controls alone.

He also adds that having open lines of communications between employees and management is important. “In some company cultures, the hierarchy is really, really important, so the end users aren't willing to talk to the bosses. But they should know that they shouldn't feel worried if they need to challenge the boss for any reason.”

While user education and awareness is a core part of reducing the risk of phishing, the security department also needs to be involved in securing business processes to narrow the windows of opportunity for attackers. “It's very easy for companies to say, ‘don't click on links or attachments from people you don't recognize,’” says Michael Figueroa, executive director at the Advanced Cyber Security Center, “but in many companies, especially in finance and accounting departments, we are working with a number of different vendors and forging business relationships on a very frequent basis. I don't think there's enough focus on how business processes, as they're being defined, can be subverted, and then building controls in order to address those subversion points.”

For example, ensuring that no payments are made without multiple people and multiple steps of authorization, or that no payment details are changed without first confirming over the phone or another communication channel, can reduce the risk of CEOs or suppliers being impersonated. Having separate machines for email- and internet-related tasks and for invoicing and payment tasks could lessen the chance of a machine being infected with malware that collects banking information.
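The process controls above can be enforced in software rather than left to habit. The following is an added illustration, not code from the article or from any organization quoted in it: a small payment-release workflow in which a request cannot be released without two distinct approvers (neither of whom is the requester), the payee's bank account must match the account on file, and the account on file can only be changed after someone records an out-of-band confirmation made via contact details already held, not details supplied in the incoming email. All names, account identifiers and the scenario itself are constructed.

```python
"""Payment-release controls against invoice-redirect and CEO-fraud style spear phishing.

Constructed example: every vendor, person and account identifier below is made up.
"""
from dataclasses import dataclass, field


class ControlViolation(Exception):
    """Raised when a payment step would bypass one of the process controls."""


@dataclass
class PaymentRequest:
    request_id: str
    requester: str          # who raised the payment (e.g. accounts payable clerk)
    payee: str
    amount: float
    bank_account: str       # account the requester wants to pay
    approvals: list = field(default_factory=list)
    released: bool = False


class PaymentControls:
    def __init__(self, required_approvals: int = 2):
        self.required_approvals = required_approvals
        self.vendor_accounts: dict = {}     # payee -> bank account on file
        self.verified_changes: dict = {}    # (payee, new_account) -> who confirmed it out of band

    def register_vendor(self, payee: str, account: str) -> None:
        self.vendor_accounts[payee] = account

    def confirm_change_out_of_band(self, payee: str, new_account: str,
                                   verifier: str, contact_from_file: bool) -> None:
        # The callback must use the phone number already on file; a number supplied
        # in the email requesting the change proves nothing, so it is rejected.
        if not contact_from_file:
            raise ControlViolation("confirmation must use contact details already on file")
        self.verified_changes[(payee, new_account)] = verifier

    def update_bank_details(self, payee: str, new_account: str) -> None:
        # Bank details change only after a recorded out-of-band confirmation.
        if (payee, new_account) not in self.verified_changes:
            raise ControlViolation("bank detail change has not been confirmed out of band")
        self.vendor_accounts[payee] = new_account

    def approve(self, req: PaymentRequest, approver: str) -> None:
        # Separation of duties: requester cannot approve, and approvers must be distinct.
        if approver == req.requester:
            raise ControlViolation("requester cannot approve their own request")
        if approver in req.approvals:
            raise ControlViolation("approver has already approved this request")
        req.approvals.append(approver)

    def release(self, req: PaymentRequest) -> bool:
        # Final gate: account must match the record on file and enough distinct approvals exist.
        if req.released:
            raise ControlViolation("request already released")
        if req.bank_account != self.vendor_accounts.get(req.payee):
            raise ControlViolation("payee account does not match the account on file")
        if len(req.approvals) < self.required_approvals:
            raise ControlViolation("insufficient approvals")
        req.released = True
        return True


def _blocked(action) -> bool:
    """True if the action was stopped by a control, False if it went through."""
    try:
        action()
        return False
    except ControlViolation:
        return True


def run_scenario() -> dict:
    """Walk a constructed invoice-redirect attempt through the controls; returns which ones fired."""
    ctl = PaymentControls(required_approvals=2)
    ctl.register_vendor("Acme Supplies", "ACCT-ON-FILE-0001")
    results = {}
    # 1. A spoofed "we changed our bank" email arrives; clerk tries to update details from it alone.
    results["unverified_change_blocked"] = _blocked(
        lambda: ctl.update_bank_details("Acme Supplies", "ACCT-ATTACKER-9999"))
    # 2. A payment addressed to the attacker's account is refused as it does not match the record on file.
    req = PaymentRequest("INV-1001", "bob", "Acme Supplies", 48000.0, "ACCT-ATTACKER-9999")
    results["mismatched_account_blocked"] = _blocked(lambda: ctl.release(req))
    # 3. A legitimate request: the requester cannot be one of the approvers.
    req2 = PaymentRequest("INV-1002", "bob", "Acme Supplies", 48000.0, "ACCT-ON-FILE-0001")
    results["self_approval_blocked"] = _blocked(lambda: ctl.approve(req2, "bob"))
    # 4. One approval is not enough.
    ctl.approve(req2, "carol")
    results["single_approval_blocked"] = _blocked(lambda: ctl.release(req2))
    # 5. A second, distinct approver lets the payment through.
    ctl.approve(req2, "dave")
    results["dual_approved_released"] = ctl.release(req2)
    # 6. A genuine account change, confirmed by calling the number on file, is accepted.
    ctl.confirm_change_out_of_band("Acme Supplies", "ACCT-NEW-0002", "carol", contact_from_file=True)
    ctl.update_bank_details("Acme Supplies", "ACCT-NEW-0002")
    results["verified_change_accepted"] = ctl.vendor_accounts["Acme Supplies"] == "ACCT-NEW-0002"
    return results


if __name__ == "__main__":
    for check, fired in run_scenario().items():
        print(f"{check}: {fired}")
```

The point of modelling it this way is that the checks that matter (distinct approvers, match against the record on file, confirmation only via contact details already held) are enforced at the release step, so a convincing email cannot by itself move money even if one person is fooled.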

Getting everyone on board with policies to help thwart spear phishing requires a soft touch, Figueroa believes. “Security professionals need to serve more as coalition builders than dictators of policy and have a much deeper understanding of how the business functions and understand what the best techniques are going to be in order to protect the business.”