SpamStopsHere Reports Rise in Spear Phishing AttacksDate: October 25, 2005
Spear phishing is the latest spam technique used by cyber-criminals to gain access to secure corporate networks and steal sensitive data. Unlike traditional phishing attacks in which millions of emails are sent indiscriminately, spear phishing attacks are extremely targeted and focus on one end user or organization at a time. Spear phishing emails are designed to appear as if they are sent from a trusted individual or particular department within one’s organization, and typically ask for login IDs and passwords.
Spear phishing is much more time intensive for cyber-criminals, and requires that the perpetrator study the target company and gather information on key department personnel. Information is typically gathered through public databases, articles/postings on company web sites, telephone inquiries, and hacking.
After a network has been compromised by a spear phishing attack, the attacker installs malicious software that gathers and extracts sensitive private and corporate data, often sold to third parties or used for identity theft or extortion. Attacks, if publicized, can severely damage an organization’s reputation and degrade customer trust.
The sharp rise in spear phishing attacks has forced IT Security professionals to adapt with new security strategies and protocols. Network administrators are once again faced with the challenge of constantly reinforcing network protocols within their organization. Some organizations are even going so far as to launch faux spear phishing attacks on their employees in order to evaluate reactions; offending employees are then coached in handling live spear phishing attacks.
“With spear phishing attacks growing in number, employees receiving seemingly legitimate email requesting sensitive data should validate the request with the sender,” said Ted Green, CEO of SpamStopsHere (www.spamstopshere.com). “More often than not, a potential corporate tragedy can be avoided by simply picking up the phone. Employee education is the most effective weapon in thwarting spear phishing attacks.”
About Greenview Data:
Greenview Data, Inc. has been providing its critically acclaimed SpamStopsHere network security solutions to clients across the globe since 2002. GDI also created and developed the powerful VEDIT ™ text editor, which has been licensed to over 150,000 users since 1980. EBCDIC to ASCII conversion makes up the third division of Greenview Data; providing conversion solutions through turn-key contracting and consulting. Through the growth of its SpamStopsHere hosted service, and exciting R&D projects, Greenview Data, Inc. is looking to the future and another successful 24 years. Greenview Data is headquartered in Ann Arbor, Michigan.
Add comment Email to a Friend