{"id":4543,"date":"2021-12-15T13:55:22","date_gmt":"2021-12-15T08:25:22","guid":{"rendered":"https:\/\/www.tikaj.com\/?p=4543"},"modified":"2023-10-27T12:31:07","modified_gmt":"2023-10-27T07:01:07","slug":"spear-phishing-attack-incident","status":"publish","type":"post","link":"https:\/\/www.tikaj.com\/blog\/spear-phishing-attack-incident\/","title":{"rendered":"Know-How : We Fought back a Spear Phishing Attack in 6 Easy Steps!"},"content":{"rendered":"\n
Like every phishing campaign, spear-phishing campaigns are also used to fetch and collect your sensitive information, credentials and ask you to click legitimate-looking malicious links. <\/p>\n\n\n\n
Phishing is not a new term that you are hearing for the first time and with advanced and sophisticated email security tools they are no longer able to fool wary individuals. Hence, threat actors are every day employing new tactics to fool people and Spear Phishing is one such attack type that has proven to be lucrative enough to fool people.<\/p>\n\n\n\n
What is Spear Phishing Attack?<\/strong><\/h2>\n\n\n\n
Identity Masked, message tailored, legitimate sender, an urgent request? Guess what it is: a Spear Phishing Target Email.<\/strong><\/p><\/blockquote><\/figure>\n\n\n\n
Your website is your brand image online and a gold mine for attackers to know about your organization. A few small surface searches and they know all the nitty-gritty of your organization, be it the name of your employees, their position, the hierarchy chain, or even the jargon you use to interact with them. These details may be of little to no value for you but these little sprinkles are served to you in a manner that increases the authenticity of an email. Sounds dangerous, right?<\/p>\n\n\n\n
Why is Spear Phishing Rising?<\/strong><\/h2>\n\n\n\n
Spear Phishing is on the rise because THEY WORK. With a basic understanding of phishing emails, anyone can understand that the email is dubious but what makes spear phishing work is their detailed approach, they are targeted and that increases their authenticity by 10x. What makes them stand out is that traditional security defenses can\u2019t detect and flag them, these emails come into your inbox and not your spam folders. <\/p>\n\n\n\n
A normal phishing email blankets a company\u2019s entire database however Spear Phishing Email targets a specific individual in a specific organization with a specific\/clear mission to accomplish. Spear phishing is one of the most prevalent APT attacks. The return on an APT attack is a lot higher because of its precision and expertise, cybercriminals put a lot of homework before they launch one. So, stay vigilant.<\/p>\n\n\n\n
Now comes the main part, Here is what happened to us<\/strong><\/h2>\n\n\n\n
One of our employees was acquainted with a similar spear-phishing attack where the attacker planted a seed of \u201cHelping someone\u201d in the email. We all want to practice kindness and help someone in need and especially if there is something urgent and the tendency to help increases when the help is coming from someone within your organization. Though the employee cautiously followed a few simple steps which we will discuss later in the blog and the employee successfully fought back the attack, not everyone can be that cautious every time.<\/strong><\/p>\n\n\n
\n<\/figure><\/div>\n\n\n
If you receive an email like this, do the following!<\/strong><\/h3>\n\n\n\n
At home:<\/strong> Delete <\/p>\n\n\n\n
At work:<\/strong> Follow the predefined policies, if you\u2019re still skeptical about something, ask someone for help immediately!<\/p>\n\n\n\n
Stay Safe Online<\/strong><\/h2>\n\n\n\n
These few simple steps can keep your organization safe.<\/p>\n\n\n\n