Spear Phishing Protection - Definition & How To Recognize Spear Phishing Email

Spear phishing is the act of sending fraudulent emails that appear to be from a known or trusted sender in order to obtain sensitive information. In this highly targeted variation of phishing, messages often appear to be from someone you know such as a company colleague, your bank, a family member or a friend.

Spear phishing emails can include personal information obtained through social engineering such as information pertaining to a person’s job, a phone number or an address, making these fraudulent messages especially difficult to differentiate from legitimate emails. Spear phishing is becoming an increasingly popular method of attack because it is generally more successful than conventional phishing. As opposed to sending hundreds of thousands of relatively generic emails out at a time, spear phishing campaigns involve researching victims and using advanced intelligence strategies to compose just a thousand or so convincing messages. With the prevalence of spear phishing on the rise, 64% of infosecurity professionals were targeted by spear phishing in 2018.

Spear phishing can be viewed as a cyber crime double-play. Attackers have the ability to compromise the identity of one business and then use it to steal the personal information of another. It is frequently a preliminary attack vector in data breaches and data theft, which have the potential to drain bank accounts and destroy reputations. Currently, over 95% of all attacks on enterprise networks are the result of successful spear phishing. 

High-profile examples of spear phishing, such as the role that spear phishing played in the hacking of the 2016 election, are often featured in the media; however, spear phishing campaigns frequently target SMBs and can have disastrous implications. In fact, 59% of all spear phishing attacks are aimed at small and medium sized businesses. A successful spear phishing attack can carry a hefty cost, especially for a small company, and can halt productivity and severely harm a reputation.

What is a Spear Phishing Example?

Imagine this scenario: 

You get an email from your boss. It appears to be a legitimate email in every way: the salutation is the same as in all the previous emails you’ve received, it is written using the same type of language that your boss typically uses, it includes specific details about a project you are currently working on and the signature and footer appear to be authentic. Except this is not a legitimate email. It is a highly targeted spear phishing email, crafted using advanced social engineering tactics to deceive you into sharing private information to benefit the attacker. Read on to learn more about this dangerous and costly attack scheme, and how you can mitigate your risk.

How to recognize a Spear Phishing email?

Although spear phishing campaigns utilize advanced social engineering technology to deceive users, there are various best practices that individuals should implement which will increase their chances of detecting these malicious emails:

• Scan all attachments for viruses or dangerous code.
• Verify shared links to ensure that they do not lead to fraudulent websites or malicious code.
• Check for spelling and grammatical errors which can indicate that an email is not authentic. Also, keep an eye out for suspicious subject lines and signatures.
• If an email looks suspicious in any way, make a phone call to the sender to confirm the legitimacy of the email.
• Think about each email you receive before clicking on links or downloading attachments. For example, ask yourself: Does an order confirmation email you’ve received correspond to a recent purchase you have made? Do the sender and recipient addresses make sense?

The image below is a spear phishing email which was identified and quarantined by Guardian Digital EnGarde Cloud Email Security. It mimics a legitimate FedEx shipment confirmation email very closely, and is an especially dangerous email for this reason. Some indications that this is a fraudulent email include: 

1. An invalid “From” email address
2. Invalid tracking information which differs in the subject and in the body of the email
3. A malicious attachment in the bottom left corner - FedEx does not send tracking information in the form of an attachment

These are spearphishing “red flags” that many people are not aware of, which is why investing in an advanced cloud email security is imperative to effective business email protection.

Preventing Spear Phishing Attacks

In addition to investing in an adaptive, comprehensive cloud email security, here are some email security best practices you should implement to further reduce your risk of falling victim to a spear phishing campaign:

• Invest in security awareness training to educate employees on how to identify spear phishing emails and how to proceed if they feel that they have received a malicious email. Employee training which promotes awareness of and education on spear phishing is an important aspect of protecting any organization
• Security teams must implement, maintain and update security technology and processes to prevent, detect and respond to ever-evolving spear-phishing threats
• Everyone in organisation should only click on embedded links or download attachments that you know are legitimate and safe.
• Create strong, complex passwords that contain a mixture of letters, numbers and symbols. Never use the same password for multiple accounts.

Spear phishing techniques have evolved to become extremely stealthy and difficult to detect, and a company’s only real hope for avoiding the devastation that can result from a successful spear phishing attempt is a fully-managed, state-of-the-art cloud email security. Read an article here for detailed info on 'What helps protect from Spear Phishing'

What to look for when choosing an Cloud Email Security:

1. Look for a solution that mitigates the risk associated with spear phishing and other advanced email threats though a defense-in-depth approach to email security. Multiple layers of security are necessary in preventing successful attacks, with each layer focusing on a specific area that can be exploited by threat actors. Layered security not just prevents attacks and limits their damage but it proactively identifies threats and malicious activities before they cause further grief.
2. An effective cloud email security protects employees against social engineering and impersonation attacks. It uses advanced intelligence techniques to recognize both new and existing attacks and prevent malicious malicious mail from reaching the inbox.
3. Look for an email security solution that neutralizes threats associated with malicious attachments and links using real-time URL filtering and scanning of broad file types including RTF files, Batch files, and VBS files.
4. An effective cloud email security utilizes the highest levels of encryption including SPF, DKIM and DMARC to provide complete, end-to-end email protection. 
5. Choosing a solution built with resilient open-source architecture is highly advantageous. An entirely open-source approach to email security is unusual, but highly beneficial in terms of security, flexibility and cost-effectiveness.
6. Find an cloud email security that is accompanied by exceptional 24x7x365 customer support. Specialized, passionate support is a critical aspect of any successful email security solution that often goes overlooked.

Your business can’t afford the aftermath of a successful spear phishing campaign. Don’t go another day with inadequate protection. Take action and sign up for a free trial of Guardian Digital EnGarde Cloud Email Security today!

Read about another type of email security threat: What is Whaling?