Hackers come up with new ways every day to gain access to our computers. They have been evolving on a continual basis, and there is a new attack that computer users need to be wary of, and it is called spear phishing. It is a sophisticated attack that is meant to target businesses of all sizes.
Define Spear Phishing
In case you do not know what phishing is, let us start there. Phishing is basically an attempt to get information from people by sending out mass email to people. It is a numbers game and it uses deceptive emails to trick people into giving out information. Spear phishing is different, however, because it is more targeted. Attackers will try to find information about specific people on the Internet and send personalized emails to that person. It will appear to be coming from an acquaintance. It will typically contain a link to a program that will then steal more information or infect a PC.
Usually, these links are directed to websites where you enter passwords, account information or personal financial information. This information can then be used to do further damage. It can be used to break into systems or steal a person’s identity outright.
How Can You Protect Yourself
For now these attacks are going after big businesses and large corporations. But, that does not mean small businesses should let their guard down. There is a good chance they will be targeted with this method at some point.
The best defense is to be extra careful with emails. Since emails seem to come from people you know, you need to double check the sender’s email address if possible. Also, it is a good idea to read the body of the email carefully. Many hackers come from foreign countries and their writing can look suspicious if you read it carefully. You can also pay attention to the tone of the message compared to emails coming from the same person previously. If the tone is serious and you are used to the sender using humor, for example, then that could be a red flag.
Another good defense is to pay attention to the links in the emails messages. Do not worry about asking the sender for more detail if it looks suspect. Also, if you are directed to a site that asks for any personal information then it is a good idea to make sure that it is using encryption. You can tell it is using it if the address begins with HTTPS://. If you go to a site asking for personal information that just says HTTP:// then it should be avoided.