Issue No. 61August 2017
Spear Phishing – A Serious Email Threat
Spear Phishing is the practice of sending fraudulent emails, ostensibly from a known or trusted sender, designed to induce the recipient into revealing confidential information or installing malicious software.
Unfortunately, these scammers are getting trickier and their attacks are growing in sophistication. As technology progresses they are using new techniques to falsify emails and spoof email domains, and they have learned various ways to avoid detection by applying lessons learned from previous attacks.
Spear Phishing attempts are a growing threat. Even we at KTS have received Spear Phishing emails. One memorable example was crafted to appear as though it was from a client of ours, and noted that we had overcharged their credit card. The message indicated they wanted a refund immediately. Here is where it gets scary – their domain was that of an actual client, it just happened to be misspelled slightly. There was an attachment for the “overcharged” invoice, which contained the infected payload or malicious link. The clue that tipped us off that it was a fraudulent message was when you used the mouse to hover over the attachment, you could see it went to some strange and unrelated website. Other examples include messages received about scheduled or missed package deliveries and messages that purported to be cancellation notices for Office 365 services.
Here are some important tips that you can use to identify fraudulent message and protect yourself:
Let us know if you need a security audit
and/or protection for your company.
Contact us at:
Email: [email protected]