Our certified specialists can work with you to find the best solution to deliver the business outcomes you need, no matter the challenge.
We take the time to understand your unique business needs and challenges. Our certified specialists can work with you to find the best solution that suits you.
Spear phishing is incredibly commonplace. As many as 90 per cent of targeted cyberattacks begin with a spear-phishing email. And given the way that spear-phishing works, that's not surprising.
Social engineering techniques used to track victims include email, social media, SMS and other messaging apps, so there is a level of trust involved because we all think we're at least relatively careful with the kind of information we share with the world… but are we careful enough?
Last year the average amount of time people spent on social media each day was 144 minutes. If you have a smartphone, check your screen time settings - chances are, you spend even longer scrolling through Instagram, chatting on Facebook Messenger and other social media platforms.
By sending a tweet, posting an online photo, or participating in harmless social media discussion, you could be sharing more data than you bargained for, including:
All attackers will have an intent behind their phishing activity – often to steal and sell your data, but those using spear-phishing are looking to be more targeted – they want to steal your identity, and then use it to target your friends, family and colleagues further or use it to extort you.
The sophistication of these attacks means more people fall prey to these kinds of activities, even if they are somewhat savvy. And it's an easy mistake to make - they're incredibly targeted – 77 per cent of attacks target ten mailboxes or less, while one third (33 per cent) targeted just one mailbox.
Attackers are incredibly smart when it comes to the tactics they use to get your information in the first place. They may pretend to be a person or company you trust – Australia Post, Apple, your bank, a shop you buy from, your employer, your university alumni.
Paypal, Amazon and Apple are three companies that attackers regularly use for spear-phishing activities.
How often do you see an email from one of them asking you to reset your password or follow some other kind of direction or risk having your account shut down? Given that many of these emails have the marks of a legitimate email – logo, URL (likely masked), name, footer information, etc. – it's easy to get duped.
There are many things you and your team can do to avoid getting caught out by a spear-phishing attack:
Threat intelligence is a rather timely topic, as m...