Spear Phishing

This effective phishing method uses familiar names to trick you into divulging sensitive and confidential account information.

Spear Phishing is much like your usual phishing scheme in that it involves the usual email from your bank or some other place you log into for financial transactions.

The phishing emails begin the same way they always do. For example, one of these phishing attempts might say something like, "Your account is in danger of being terminated. This is your final termination notice. Please log into your account to verify your personal information..." or some similar variation on this theme. No doubt you are quite familiar with them by now.

But what if this email wasn't as anonymous as the usual one and it was sent by someone within the company you work for or even your boss? Isn't there a greater chance that you might click the link to check it out? If you do and then log in to make sure that everything is kosher, you have just been phished. This extremely targeted form of phishing is particularly dangerous because it works very well.

Spear Phishing uses a method called "Social Engineering"

In the context of computer security, social engineering is the practice of obtaining confidential information by manipulation of legitimate users. Users are often considered the weak link in computer security and social engineering exploits an individual's natural tendancy to trust a message that they would usually discard if it appears to be from a trusted source. Phishing schemes are evolving and becoming harder to detect as time goes on. The use of marketing techniques to target a certain group with a message carefully designed to entice them to click a link and then enter their credentials often succeeds where ordinary phishing emails would be ignored.

Spear Phishing attempts are on the rise

Spear Phishing attempts are on the rise. If you haven't received one of these phishing emails yet you probably will soon. Luckily, they are in the end just phishing attempts and your regular safe internet practices are all you need to protect against them. So just remember not to click links in emails that lead to financial or other online accounts and then enter your personal information. If in doubt make a phone call or ask a friend or send an email directly(don't hit reply!) to the person that supposedly sent you the email. You should always be wary when you get an email asking you to logon from a link in the message even if it's from someone who might actually send you such an email.

If you make "Never click a link in an email" your golden email rule your chances of getting "phished" are almost nill.

More Fraud Guides Phishing Information