Written by: Daniel Haurey on 02/14/20

Spear phishing is becoming an increasingly prevalent means of a cyberattack. In fact, Symantec reported that 65% of all malicious groups initiate cyberattacks with spear phishing, in their 2019 Internet Security Threat Report. Unfortunately, this means that many organizations have fallen victim to this type of attack. However, we will explore some actions that can be taken in the event of being spear phished. First, let’s explore what spear phishing is exactly.

What is Spear Phishing?

Spear phishing is a targeted cyber attack that uses personal information gathered about a victim, to steal sensitive information such as identity or financial details. This personal information may be gathered from publicly available data sources such as Facebook or LinkedIn profiles. The difference between spear phishing and regular phishing is its targeted nature. A regular phishing attack is a general attempt to trick someone with a malicious message in order to steal their sensitive information.

After gathering information specific to a person, a malicious party can then target them with an email, social media message, or text message. The personal information they gathered can be used to essentially send a message which impersonates someone the potential victim already knows. The content of the message then lures the victim to share sensitive information or download malware. If the message from the malicious party is crafted well enough, there is a high probability that this type of attack could be successful.

What to Do If You’ve Been Spear Phished

One of the first steps that you should take is to start an internal investigation in your organization. You should do this to identify the message that was responsible for the infiltration. You should then adjust your email filters to block similar messages in the future.

You will also need to scan all the computers where spear phishing occurred and clear them of any infected files.

Your team will also need to ensure that they ensure that all passwords are changed for compromised accounts.

Any affected credit cards will also need to be canceled. You will also need to monitor for signs of identity theft and fraud alert on your credit card account to ensure your safety.  Last but not least, we recommend that you do a Dark Web Scan to see if any of your organization’s information is for sale on the Dark Web.  Exigent offers a FREE Dark Web Scan by simply contacting us.

Methods of Prevention In The Future

Probably the most important thing to do after carrying out a thorough investigation is to examine the behavior of employees in your organization. You will have to ensure that employees carefully examine the content of all messages. If they receive communication that contains requests which violate company policy, then red flags should be raised. Links in communications such as emails should also be carefully examined. A common means of deception in any type of phishing attempt is to send a message which looks like it could be from a legitimate source with links resembling those from the website of a reputable company. However, the link to the fake, malicious website is usually spelled slightly differently. On the other hand, some links are just plain suspicious and should be ignored.

You should also make sure that the software used by your organization is kept up to date. This is important because updates usually feature bug fixes which could stop some spear phishing attempts dead in their tracks.

Preventing spear phishing will save your company lots of hardships. A spear phishing attack can be costly and may even leave your company in breach of regulations such as the GDPR, HIPAA, and PCI DSS depending on the sector you’re operating in.

Wrapping Up

Spear phishing is a targeted malicious attack usually carried out through forms of messaging, including emails, text messages, and social media messages. Infiltrations as a result of a spear phishing attack usually result in compromised identity and financial data. Being compromised can be costly and may even cause your organization to be in breach of various regulations. However, there are a few steps mentioned above that you can take to keep your data, and that of your customers, safe.

If you are concerned about your cybersecurity or compliance posture, contact us at (877) EXIGENT.