HWG srl
  • Services
    • Cyber defense
      • Security Awareness
      • File Integrity Monitoring
      • Network Security
      • Browser Isolation
      • Email Security
      • Endpoint Security
    • Machine intelligence
      • SIEM
      • EDR
      • SOAR
      • Anomaly Behavior Analysis
      • Cyber Threat Intelligence
      • Deception
      • Threat Data Feeds
      • Vulnerability Management
      • ICS Security
    • Human expertise
      • Security Assessment
      • Incident Response
      • Security Monitoring
      • Threat Hunting
  • About us
  • Blog
  • Resource Center
  • Contacts
  • Careers
  • en
    • it
HWG Incident Response
HWG srl
  • Services
    • Cyber defense
      • Security Awareness
      • File Integrity Monitoring
      • Network Security
      • Browser Isolation
      • Email Security
      • Endpoint Security
    • Machine intelligence
      • SIEM
      • EDR
      • SOAR
      • Anomaly Behavior Analysis
      • Cyber Threat Intelligence
      • Deception
      • Threat Data Feeds
      • Vulnerability Management
      • ICS Security
    • Human expertise
      • Security Assessment
      • Incident Response
      • Security Monitoring
      • Threat Hunting
  • About us
  • Blog
  • Resource Center
  • Contacts
  • Careers
  • en
    • it
HWG srl
HWG Incident Response
  • Services
  • About us
  • Blog
  • Resource Center
  • Contacts
  • en
    • it

What is spear phishing and how to protect your business

Published by HWG on 9 February 2022

Spear phishing attacks directed at businesses are multiplying and are now one of the biggest threats businesses face. But what is it and what are the risks for businesses? The cybersecurity world is bubbling with terms that often remain rather obscure. One of these is undoubtedly spear phishing. For anyone working in an enterprise at any level, however, the phenomenon of "targeted" phishing represents an extremely present danger. Knowing its characteristics and the risks it poses is critical to helping protect your business systems.

What is phishing: computer scam targeting credentials

The term phishing is now quite common and well-known. Phishing attacks, in short, are computer scams that aim to steal credentials (username and password) using e-mail messages that somehow "lure" victims to websites controlled by pirates. The key element of phishing is that the pirates impersonate someone else to lure their victims to the malicious site. Techniques can vary depending on the goals of the cyber criminals: in some cases, the most common ones, the pirates use Internet sites that are identical to the legitimate ones, with the aim of inducing users to enter their credentials to access online services. This strategy is normally adopted to target home banking services. In other cases, the message simply aims at diverting the victim to a website that contains malicious code and can compromise the computer of the visitor by installing malware. This second strategy usually exploits emails with attractive content, such as coupons or freebies that seem to be offered by well-known companies.

Definition of Spear phishing: the cyber attack is targeted

In the cases mentioned above, fraudsters target a wide audience, using spam campaigns via email or social networks to "hit the pile". In the case of spear phishing, however, we are faced with an extremely targeted attack. It's no coincidence that this technique is primarily used by extremely specialized cybercriminal groups, who primarily target businesses and organizations. Instead of using a generic (and usually rather implausible) bait such as discounts, promotions or gifts, authors of spear phishing attacks carefully plan their action, tailoring messages to the specific target. The least elaborate technique involves impersonating a person in the company's industry, such as a regulator or potential supplier/customer. The attack vector can vary: in addition to links to malicious sites, pirates use files of various formats attached to the message, "disguised" to look like administrative documents or containing information that may be of interest to the victim. Some criminals, however, also adopt more elaborate techniques.

Spear Phishing and Privacy

When high-profile targets are targeted, such as company executives or CEOs, pirates often decide to adopt an even more devious strategy, using content that may interest the victim in relation to their hobbies and personal interests as bait. To do this, they usually use social networks and any information available on the Web, such as interviews or public speeches signed by the same person they want to target. In short: they are able to exploit any element that can help them make the message more "appealing" and induce the victim to make the fateful click that allows them to compromise the computer and, as a cascade, obtain the credentials that allow them to gain access to services and corporate resources.

What consequences of Spear phishing on companies?

If the attack technique is well defined, the consequences may vary depending on the modus operandi of the hackers. In some cases, the stolen information can be used to carry out elaborate scams against the company. For example, wire transfers may be requested at the request of senior executives, in this case CEO Fraud, or from real invoices but to fraudulent bank accounts created by the hacker for the specific attack. In other cases, instead, the stolen information can be exploited by cyber criminals to gain access to the company's systems and bring real sabotage attacks to the computer systems or for industrial espionage actions. In any case, the consequences for the company are always extremely serious.

How to defend against spear phishing

The tools for the analysis of e-mail messages can represent an effective barrier not only for phishing, but also for its "personalized" variant.

Thanks to the use of artificial intelligence algorithms, in fact, it is possible to identify the suspicious elements that can characterize a spear phishing message.

Another element that allows the identification of potentially malicious emails concerns the domain used by the sender.

The spear phishing techniques, in fact, often foresee the use of email addresses that use a domain very similar to the one of legitimate subjects, for example adding some letters inside the domain.

By using threat intelligence systems it is possible to detect at an early stage the presence of this kind of domains and block spear phishing messages.

Tags: Spear Phishing
Back to Blog

Subscribe to our blog!

Popular post

  • 11 Apr 2022
    HWG appoints Cyber-Industry veterans to its board ...
  • 01 Mar 2022
    Investcorp acquires Italy’s leading cybersecurity ...
  • 16 Feb 2022
    OT Security: how to reconcile business continuity ...
  • 17 Mar 2022
    Security Operation Center (SOC), is it really esse...
  • 09 Feb 2022
    SOC as a service: how to choose the best one

Topics

  • CEO Fraud (1)
  • Compromise assessment (1)
  • cyber resilience (1)
  • cyber risk (1)
  • Dark Web (1)
  • Incident Response (3)
  • Industry 4.0 (3)
  • IoT (2)
  • operational technology (1)
  • security assessment (1)
  • security operation center (1)
  • SOC (3)
  • Spear Phishing (2)
  • Vulnerability Management (1)
  • Zero Trust (1)

Related Articles

Operational Technology: How to Avoid Production Downtime

In addition to the risk of information theft or intellectual property infringement, in the...
Read More

Not trusting is better: here's the Zero Trust approach

Trust no one. If a cybersecurity expert should give an advice to a user or company on how to...
Read More

HWG appoints Cyber-Industry veterans to its board to empower growth

Verona, April 11, 2022 - HWG, Italy’s leading cybersecurity company is pleased to announce the...
Read More
HWG
  • ISO certified company
  • ISO
  • clusit
  • Services
  • About us
  • Blog
  • Resource Center
  • Contacts
HWG Incident Response
2021 © HWG Srl

HWG Srl | Via Enrico Fermi, 15/E - 37135 Verona | P.IVA 03820790230

  • 231/2001 Model
  • Privacy Policy