FBI Warns Spear Phishing Is on the Rise

Written by Sue Walsh on July 5, 2013

spear phishingSpear phishing attacks have been steadily rising and now they are proliferating at such an alarming rate that the FBI has issued a warning about them.

Like traditional or “wide net” phishing attacks, spear phishing attacks try to trick people into handing over log in credentials, credit card numbers, and other sensitive data, but the cybercriminals behind spear phishing attacks carefully tailor them to a specific group of people, for example CEOs, financial advisers, or customers of a certain financial institution.

“Recent attacks have convinced victims that software or credentials they use to access specific websites needs to be updated. The e-mail contains a link for completing the update. If victims click the link, they are taken to a fraudulent website through which malicious software or malware harvests details such as the victim’s usernames and passwords, bank account details, credit card numbers, and other personal information. The criminals can also gain access to private networks and cause disruptions, or steal intellectual property and trade secrets,” the FBI stated.

Spear phishing has grown in popularity because the chances of such attacks being successful are greater than those of traditional spear phishing attacks. The more carefully crafted and targeted an attack is, the more legit it seems to the recipients. This means a greater likelihood that the phishers will be able to collect data they can use to clean bank accounts, log into private networks and peruse confidential documents, or sell on the black market.

Phishing attacks are becoming more and more sophisticated. At one time it was easy to spot them due to the broken English and horrible grammar used in them, but these days they are often in perfect English with very convincing corporate letterheads, and thanks to various data breaches, they may even contain user names instead of the generic “Dear User”.  It’s very important to make sure your employees are educated in how to spot and avoid phishing attacks and equally important to have a response plan in case your company is brandjacked for one of them. In order to stay one step ahead, you’ve got to stay informed!

Comments

Norman July 6, 2013

This is hardly news – phishing attacks have been on the rise for a long time. But it’s good that the FBI themselves reported this because it could have been that somebody leaked the info for them, if you see what I mean. :)

Paulo Jose July 30, 2013

I agree. Phishing attacks have always been around. They never really faded out of glory. However, nowadays, they have become are more sophisticated; more complex. It is now difficult to spot them. Yes, the broken English, incorrect spelling and confusing sentences of earlier Phishing scams have been replaced by almost-perfect English that can fool practically anybody. Therefore, tt is high time that the fight against Phishing goes up a few notches higher, too. There should also be more sophisticated and complex ways of fighting phishing and spam! And it can start with the FBI finding better and longer lasting solutions…

  • (required)
  • (required)