Spear phishing is more focused than normal phishing. To protect against this type of phishing, your entire company will need to be educated and protected.

What is a typical spear phishing attempt?

A typical spear phishing attempt is a fraudulent personalized email that is usually sent with an attachment or requests a response. The fraudster then tries to entice the recipient to open the infected attachment or respond with personal information.

 Phishing attacks are all too common and can make a company lose millions of dollars. To protect against this scam, a company must have the right protocols and software in place.

What is a phishing attack?

A phishing attack is a social engineering attack, where an attacker mimics a trusted company or person to steal private information such as login or financial data. These attacks usually come as an email, text message or phone call.

“Whaling” phishing fraud attacks target the C-suite of a company which creates high risk of extremely sensitive, mission-critical data being stolen and exposed. Fortunately, protecting the organization from these attacks is possible.

Whaling phishing is a type of phishing attack targeting larger, high-value targets, which is why it's called "Whaling." Attackers themselves often pretend to be C-suite executives in emails to colleagues asking for personal or company information.

If you want to know why business email compromise (BEC) and other advanced email attacks keep working so well, just ask Dilbert.

In one particularly biting installment of Scott Adams' popular workplace comic strip, our tech geek hero sits in his cubicle perusing an email that reads, "Enter your bank account number." Dilbert's thought bubble reads "Scam."

Quick cut to engineer Alice. Same email, same thought bubble: "Scam." One last cut, this time to Pointy-haired Boss as he too reads, "Enter your bank account number."

At Agari we often talk about the evolving nature of advanced email attacks and the identity deception tactics that go with them. These attacks bypass legacy controls and like a magician delighting a curious audience, they trick the human psyche by targeting core human emotions such as fear, anxiety and curiosity. Of course, the magic in this case comes with ill intent.

A good example of a sophisticated attack and one that we address in the Agari Fall’19 release is the use of email with voice message attachments to execute phishing schemes.

 

Cybercriminals increasingly use new forms of identity deception to launch an email attack to target your weakest link: humans.

Call it a case of locking the back window while leaving the front door wide open. Throughout the last year, a number of reports have surfaced about sophisticated cyberattacks that are proving all too successful at circumventing the elaborate defenses erected against them.