Spear Phishing
📖Definition
The fraudulent practice of sending emails ostensibly from a known or trusted sender to induce targeted individuals to reveal confidential information.
Spear phishing is a scam where hackers send emails pretending to be someone else. They pretend to be friends, colleagues, business associates or family members asking you to click on a link or download a file. The link takes you to a fake website where you are asked to enter your login details. Once you enter these details, the hacker has access to your account.
If you receive an email from someone claiming to be a bank or financial institution, it could be a phishing attempt. Hackers will often try to trick people into giving them personal information by sending emails that look like they come from a trusted source. You do not want these cybercriminals to get your Social Security numbers, account numbers or any other information that can be used to steal something from you.
What is the Difference Between Phishing and Spear Phishing?
Phishing is an attempt to acquire sensitive information like usernames, passwords, credit card details, and more by masquerading as a trustworthy entity in an email or other electronic messages. Phishing is often done at a high volume with the hopes that the message fools a few people. In contrast, spear phishing is an attack that attempts to trick a particular user into revealing their credentials by impersonating someone they know and trust. Someone who hacks into a friend's online profile could send a spear phishing attempt through Facebook Messenger or an Instagram message.
How to defend against spear phishing attacks
Businesses and their employees can make it more difficult for spear phishers to execute a successful attack using both technology and employee education. Below are a number of common sense ways to thwart these attacks.
Source: searchsecurity.techtarget.com