
What is a Spear Phishing Attack?

Nikki Tyson November 3, 2015 Resources

While “phishing” has entered the vocabulary of most email users, the concept of a spear phishing attack is one that’s more elusive to the general public. It is a rarer type of cyber attack, but attention must be paid to this increasingly dangerous form of email crime. Both the FBI and the U.S. Secret Service have warned that 2015 could be the “year of spear phishing” – in June, the U.S. Secret Service issued a bulletin, warning that they are seeing a “significant increase in the frequency, sophistication, and fraud losses” associated with the rise of spear phishing attacks.

So what exactly is spear phishing and why is it progressively rearing its ugly head?

Where phishing scams involve a broad and varied range of targets, spear phishing homes in on a specific group, organization or even person. A very targeted email scam, the sole purpose of spear phishing is to obtain unauthorized access to sensitive data. This could be theft of intellectual property, financial data, trade or military secrets – generally high-value, confidential data.

Like phishing, spear phishing is an attack typically carried out via email, and could be sent with either a malicious attachment or a link to a malicious website. However, spear phishing emails are much more targeted, counting on familiarity to succeed. Spear phishers are much more sinister than phishers – for example, they will likely know enough about you to personalize the greeting to “Hi [First Name]” instead of “Dear Sir”. Cyber criminals may know details such as where you work, or have information about your recent online purchases. Referencing these details in their email makes the message seem legitimate, making the victim more likely to give up the information the attackers are after.


Spear Phishing Attack Examples

  • The most common spear phishing emails appear to come from the CEO and are sent to the CFO, instructing the CFO to wire money to an unfamiliar account in connection with some kind of super-secret operation. Alternatively, Financial Controllers at the company receive similar spoofed emails purporting to come from their CFOs.
  • A cybercriminal looking for intellectual property data could fake an email from a senior company executive and send it directly to a more junior staff member, requesting copies of a document the executive supposedly needs urgent access to. Given the urgency of the request, by the time the staff member realizes that the executive didn’t really send the email, the documents have already been compromised. The spear phishing email could link to a file share or other document storage tool used to view the requested documents, which can then be used to infiltrate the network and conduct other thefts or harmful acts.

With the growing availability of platforms through which attackers can leverage personal information, such as social media sites, potential victims are increasingly easy to identify and target.


As hackers continue to launch more sophisticated spear phishing attacks, the deployment of the DMARC standard for email authentication will only grow as organizations look to reduce the potential for email-based abuse. DMARC can help stop criminals from spoofing a brand’s own domains and combat spear phishing by identifying and blocking fake emails that appear to be from trusted and even internal email delivery domains.

Anyone who wants to take a proactive approach to eliminating all types of malicious email, including spear phishing, should investigate and implement DMARC in order to protect their business.
