Snapchat and Seagate are just two of the latest companies to have fallen victim to spear phishing campaigns within the last month. As this highly-targeted approach to cyber attacks continues to claim enterprise victims, we take a look at some of the top spear phishing campaigns that companies are experiencing.
The Data Grab
Spear phishing isn’t always driven by criminals asking someone in Finance to transfer funds. Take the recent Snapchat attack, where an employee in the payroll department was targeted by a dedicated phishing scam. A scammer impersonated the CEO and asked for employee payroll information. Confidential payroll details about current and former employees were then mistakenly disclosed. Once equipped with this information, criminals have enough to commit identity fraud – taking out credit in someone else’s name or even filing a phony tax return to get a tax rebate or refund.
Targeting System Admins
Increasingly, IT is becoming a top target for stealthy attackers looking to break into systems. For example, a phisher might pose as an executive and send an email asking for VPN credentials or server passwords. Often they will follow up on this initial interaction with a fraudulent telephone call designed to add credibility and increase their success rate. Whereas criminals previously went after the consumer, now they are targeting big businesses and looking for new ways to sneak past their security measures in order to make money.
Business Email Compromise
The most publicized type of spear phishing is when someone in your Finance team receives an email instruction from the CEO letting them know that they need their support with a time-sensitive and confidential deal. The email address checks out, so the Finance Controller replies, and a dialogue is started that establishes rapport and trust. Then comes a clear directive to wire money to a specific bank account. Since most executives are reliant on email, there’s no phone call to confirm the transaction and no secondary check, so money is sent to an illegitimate account. According to the Internet Complaint Center, Business Email Compromise has netted criminals $2 billion and affected 12,000 businesses worldwide in the last 18 months.
Protecting The Enterprise
Ultimately, no email should be sufficient to move money and no one person should be able to initiate and approve a wire transfer. Savvy organizations need to ensure that there is a mixture of inbound and outbound channels that can be used to verify any request for confidential or financial information.
Today’s businesses have to exercise a degree of caution by using tools like Agari Enterprise Protect to alert organizations to suspicious emails, regularly training employees and having robust processes in place. With the right approach, enterprises can restore trust in the inbox and prevent their business from becoming a victim of carefully engineered and targeted attacks.