By now you probably know how phishing emails work; if not, you can read about it here.
However, do you know the difference between spear-phishing and a phishing attack? I will try to explain it in a few sentences.
As you know, a phishing attack is commonly conducted through mass emails sent to a bunch of users in the hope that somebody will click a link or open an attachment. The final objective is to steal a set of credentials from the end user.
What is a Spear-Phishing Attack?
A spear-phishing attack uses the same delivery method but is slightly different. This type of attack targets a specific user, such as a CEO or a senior manager, so the content of the email is crafted specifically for that target. For example, if you are a Port Adelaide fan, the phishing email may contain content related to that topic to increase the likelihood that you open it, click on links and open attachments.
A recent spear-phishing attack on one of Australia’s top universities stemmed from a single email that was only previewed.
After some investigation, it was found that the attacker was inside the University’s network for 6 weeks, from November of last year. However, the university did not discover the intrusion until May of this year.
How did this happen?
Well, when you open an email that contains an image linked to a location on the Internet, the email application retrieves that image in order to show you the content. Depending on the application you use to read email, you may be able to disable this feature. In this scenario, the end user unknowingly downloaded malicious code to the computer, and from there a door to the University network was opened.
To minimize the likelihood of this happening to you, pay attention to any unsolicited emails and be careful when clicking links and opening attachments. Keep all your systems updated, including your operating systems and applications.
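To see which remote content a message would pull in when it is displayed, here is an added example (not part of the original post) that lists the resources an HTML email references on the Internet. The sample message, the host names and the function names are assumptions made for illustration, and only element attributes are checked, not CSS.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Attributes a mail client fetches automatically when it renders HTML.
FETCH_ATTRS = {"src", "background", "poster"}

# Constructed sample message (all hosts and addresses are made up).
SAMPLE = """\
From: sender@example.com
To: user@example.edu
Subject: Constructed sample
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body background="//cdn.example/bg.png">
<img src="cid:logo@example">
<img src="https://tracker.example/pixel.gif?id=123" width="1" height="1">
<a href="https://example.com/page">a link is only fetched when clicked</a>
</body></html>
"""

class RemoteRefFinder(HTMLParser):
    """Collects (tag, url) pairs for resources loaded from the Internet."""
    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            auto = name in FETCH_ATTRS or (tag == "link" and name == "href")
            if not auto or not value:
                continue
            # http(s) and scheme-relative URLs leave the machine; cid:/data: do not.
            if urlparse(value).scheme in ("http", "https") or value.startswith("//"):
                self.refs.append((tag, value))

def remote_references(raw_message):
    """Return remote resources the HTML parts of a message would load on display."""
    msg = message_from_string(raw_message, policy=policy.default)
    finder = RemoteRefFinder()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    return finder.refs

if __name__ == "__main__":
    for tag, url in remote_references(SAMPLE):
        print(f"{tag}: {url}")
```

The embedded `cid:` image and the ordinary link are not reported, because neither is fetched just by previewing the message.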
And as always, be safe out there until the next Malware Monday.