Council Foundation Logo Leaders Edge

While the concept of phishing emails has been around for decades, the practice has evolved from a basic to a complex and time consuming investigative approach. Today, cybercriminals will seek to find every waking detail of one’s personal and work life to then mimic them through email and convince a  colleague to hand over valuable and confidential information. You may remember the medieval times of phishing emails sent from “Nigerian princes” who want to give their millions of dollars to a “good Samaritan.” Well, times have changed. Today’s spear phishing tactics can fool even the most experienced IT employees. Here are 10 common characteristics of a spear phishing attack that cybercriminals rely on to convince their victim to hand over such valuable information:

  1. The attack is handcrafted by professional criminals
  2. The attack is sent by someone you know
  3. The attack includes a project you are working on
  4. Your attacker has been monitoring your company’s email
  5. Your attacker can intercept and change emails as needed
  6. Your attacker uses custom or built-in tools to subvert antivirus software
  7. Your attacker uses military-grade encryption to tunnel your data home
  8. Your attacker covers their tracks
  9. Your attacker has been in your environment for years
  10. Your attacker is not afraid of getting caught

Leave a Reply

You must be logged in to post a comment.