Email Threats Explained: What is Spear Phishing?

What is spear phishing?

Imagine this scenario..

You get an email from your boss. It appears to be a legitimate email in every way: the salutation is the same as in all the previous emails you’ve received, it is written using the same type of language that your boss typically uses, it includes specific details about a project you are currently working on and the signature and footer appear to be authentic. Except this is not a legitimate email. It is a highly targeted spear phishing email, crafted using advanced social engineering tactics to deceive you into sharing private information to benefit the attacker. Read on to learn more about this dangerous and costly attack scheme, and how you can mitigate your risk.

Spear phishing is the act of sending fraudulent emails that appear to be from a known or trusted sender in order to obtain sensitive information. In this highly targeted variation of phishing, messages often appear to be from someone you know such as a company colleague, your bank, a family member or a friend. Spear phishing emails can include personal information obtained through social engineering such as information pertaining to a person’s job, a phone number or an address, making these fraudulent messages especially difficult to differentiate from legitimate emails. Spear phishing is becoming an increasingly popular method of attack because it is generally more successful than conventional phishing. As opposed to sending hundreds of thousands of relatively generic emails out at a time, spear phishing campaigns involve researching victims and using advanced intelligence strategies to compose just a thousand or so convincing messages. With the prevalence of spear phishing on the rise, 64% of infosecurity professionals were targeted by spear phishing in 2018.

Spear phishing can be viewed as a cyber crime double-play. Attackers have the ability to compromise the identity of one business and then use it to steal the personal information of another. It is frequently a preliminary attack vector in data breaches and data theft, which have the potential to drain bank accounts and destroy reputations. Currently, over 95% of all attacks on enterprise networks are the result of successful spear phishing. 

High-profile examples of spear phishing, such as the role that spear phishing played in the hacking of the 2016 election, are often featured in the media; however, spear phishing campaigns frequently target SMBs and can have disastrous implications. In fact, 59% of all spear phishing attacks are aimed at small and medium sized businesses. A successful spear phishing attack can carry a hefty cost, especially for a small company, and can halt productivity and severely harm a reputation.

How to recognize a spear phishing email

Although spear phishing campaigns utilize advanced social engineering technology to deceive users, there are various best practices that individuals should implement which will increase their chances of recognizing these malicious emails:

• Scan all attachments for viruses or dangerous code.
• Verify shared links to ensure that they do not lead to fraudulent websites or malicious code.
• Check for spelling and grammatical errors which can indicate that an email is not authentic. Also, keep an eye out for suspicious subject lines and signatures.
• If an email looks suspicious in any way, make a phone call to the sender to confirm the legitimacy of the email.
• Think about each email you receive before clicking on links or downloading attachments. For example, ask yourself: Does an order confirmation email you’ve received correspond to a recent purchase you have made? Do the sender and recipient addresses make sense?

The image below is a spear phishing email which was identified and quarantined by Guardian Digital EnGarde Email Security Gateway. It mimics a legitimate FedEx shipment confirmation email very closely, and is an especially dangerous email for this reason. Some indications that this is a fraudulent email include: 

1. An invalid “From” email address
2. Invalid tracking information which differs in the subject and in the body of the email
3. A malicious attachment in the bottom left corner - FedEx does not send tracking information in the form of an attachment

These are spear phishing “red flags” that many people are not aware of, which is why investing in an advanced email security gateway is imperative to effective business email protection.

How to protect your business email from the most sophisticated spear phishing campaigns:

Employee training which promotes awareness of and education on spear phishing is an important aspect of protecting any organization; however, user behavior is unpredictable. Thus, to effectively protect a business from spear phishing, a safeguarded environment must be built around the user. This involves investing in an advanced, comprehensive email security solution.

Spear phishing techniques have evolved to become extremely stealthy and difficult to detect, and a company’s only real hope for avoiding the devastation that can result from a successful spear phishing attempt is a fully-managed, state-of-the-art email security gateway.

What to look for when choosing an email security gateway:

1. Look for a solution that mitigates the risk associated with spear phishing and other advanced email threats though a defense-in-depth approach to email security. Multiple layers of security are necessary in preventing successful attacks, with each layer focusing on a specific area that can be exploited by threat actors. Layered security not just prevents attacks and limits their damage but it proactively identifies threats and malicious activities before they cause further grief.
2. An effective email security gateway protects employees against social engineering and impersonation attacks. It uses advanced intelligence techniques to recognize both new and existing attacks and prevent malicious malicious mail from reaching the inbox.
3. Look for an email security solution that neutralizes threats associated with malicious attachments and links using real-time URL filtering and scanning of broad file types including RTF files, Batch files, and VBS files.
4. An effective email security gateway utilizes the highest levels of encryption including SPF, DKIM and DMARC to provide complete, end-to-end email protection. 
5. Choosing a solution built with resilient open-source architecture is highly advantageous. An entirely open-source approach to email security is unusual, but highly beneficial in terms of security, flexibility and cost-effectiveness.
6. Find an email security gateway that is accompanied by exceptional 24x7x365 customer support. Specialized, passionate support is a critical aspect of any successful email security solution that often goes overlooked.

Your business can’t afford the aftermath of a successful spear phishing campaign. Don’t go another day with inadequate protection. Take action and sign up for a free trial of Guardian Digital EnGarde Email Security Gateway today!