‘Spear Phishing’ Email Con Is Costly For Victims
There have been alarming reports this month that the threat of phishing is escalating in severity and sophistication and is even becoming quite expensive for some victims.
While most phishing attempts are broadcast mails, dangling a hook to see if anyone bites, there has been a radical increase in the frequency of ‘spear phishing’.
This term is used to describe personalised attacks, directed at a specific individual, or sometimes a business.
In the past, hackers have found spear phishing too much like hard work because it has been time consuming.
Now, though, automated information harvesting, particularly from web sites and social media, has made it possible to generate realistic and highly targeted malicious emails.
As these contain details personalised to the intended victim, they can seem far more convincing than the suspicious looking efforts that we have become used to spotting.
Moreover, this new menace is being used to hold computers to ransom.
Folk tricked into believing the email and following its instruction have found their machines taken over and received demands to stump up serious cash to get them freed up again.
A report from cyber-security solutions specialists Proofpoint suggests that there have been at least 300,000 known incidents of this new threat, known as TA530, being received to date.
Most of these have been targeted at individuals with a presumed ability to pay, CEOs and other senior personnel, leading to suspicions that LinkedIn may be being used to select potential victims and source some of the details that will make the communication convincing.
Wariness of incoming emails is increasingly vital.
For more information about this specific threat, search Google for ‘Proofpoint TA530’.