You Could Be At Risk: SPEAR PHISHING

You’re at risk! Even if you don’t think you are. We’ve all heard of scammers phishing for our information, but do you know what spear phishing is? This is a more targeted attack when the perpetrator tends to already have some information on their targets, making you feel comfortable and more likely to give away key information. I know what you’re saying right now, ‘This wouldn’t happen to me, I can see right through these scammers,’ but unfortunately that’s what thousands of victims have said after they were caught by spear phishers!

Phishing has been around practically since the inception of e-mail, and has spread like a wild fire as the internet has grown, attacking the masses with the hope of one or two percent either uneducated or unaware people responding with their information. Spear phishing on the other hand is a newer concept that has risen stemming from our increased sophistication and awareness of scammers, forcing said scammers to become smarter. The direct messages gain your trust on a personal level, posing as either a local business, your bank, or even a religious group that you might be swayed by. A 2017 study revealed that 77% of spear phishing attempts were sent to 10 emails or fewer, reemphasizing the ‘laser focused design’ these scammers utilize.

Are you a target? Even if you individually wouldn’t be, your accounts are constantly at risk. In a day when company information has been breached and customer information stolen more often than ever, cyber-security has become a serious concern. Data breaches in 2018 are therefore often viewed as sophisticated hackrs, when in fact they are just incredible spear phishers who prey on those working for companies who hold access to this information. When an email comes in from ‘your boss’ demanding certain private info, it is hard to not react quickly before thinking it could be a fake email, and this is how many data-breaches have occurred. To date. ‘According to the FBI, businesses have lost businesses have accumulated more than $2.3 billion in losses to targeted phishing attacks in three years.’

On an individual basis, university students have been targeted recently as fake ‘recruiters’ for job opportunities on campus and after graduation don’t seem sketchy to college students. Recently the FBI put out a warning to university students as scammers communicate through email with students and then send a check to ‘cover expenses.’ The student would then be instructed to wire money to buy the ‘fixed costs’ necessary to ‘do the job’ and students would do so, only to find out the check they had been given would turn out to be no good, but the money would already be gone. Especially those who have busy lives going on, spear phishers can sneak into their lives with a personal touch, and extract information you’d never give away unless you were truly invested. Other examples can be found in groups or individuals who are deeply invested in and or sympathize with extreme ideologies. What does this mean? Think about a political group that is so far left or so far right that you can’t even have a discussion with them. Now imagine they received an email from their local church supporting their ‘cause.’ You can bet that the individual a part of that extreme group is going to respond… happily.

Spear phishing was recently found attempting to influence the upcoming mid-term elections as ‘election threats’ were sent through Gmail accounts. The idea is clear as individuals were attempting to sway the vote or rather voter turnout through fake threats. Google investigated this and has already shut down hundreds of accounts around the country, but the problem is that these are only the accounts that have been found. Imagine how many exist that we don’t know about… There are only so many ways to track and find these accounts if they are not being reported, and if the email sent specifically says for people to ‘not report’ the email or there will be consequences, wouldn’t you be a bit hesitant?

Once again, we all feel safe because we believe we personally can’t be fooled, but I also don’t want you to live your life in fear. Be smart, be aware, and don’t be naïve to emails, texts, or calls from people you haven’t heard from before. Simple enough! Click HERE if you want to see how to easily identify spear phishing and avoid it.