{"id":125,"date":"2015-02-23T08:02:28","date_gmt":"2015-02-23T14:02:28","guid":{"rendered":"http:\/\/ericlambert.net\/blog\/?p=125"},"modified":"2015-02-23T08:02:28","modified_gmt":"2015-02-23T14:02:28","slug":"dont-get-hooked-phishing-spear-phishing","status":"publish","type":"post","link":"https:\/\/ericlambert.net\/blog\/2015\/02\/23\/dont-get-hooked-phishing-spear-phishing\/","title":{"rendered":"Don\u2019t get Hooked by Phishing or Spear Phishing"},"content":{"rendered":"<p>Cyber attacks such as the Anthem breach, the Home Depot breach, and the Target breach are becoming almost commonplace.\u00a0 Major cyber attacks compromising information about millions of people often start not with a bang, but a whisper &#8211; a \u201cphishing\u201d or \u201cspear phishing\u201d email through which an attacker tries to acquire login credentials that can be used to launch a sophisticated and crippling attack. Over 90% of cyber attacks take the form of, or start with, a spear phishing attack, and phishing attacks are also very common. These attacks happen both in the office and at home. 
Phishing and spear phishing attacks can happen at <span style=\"text-decoration: underline;\">any time<\/span>, and can target <span style=\"text-decoration: underline;\">any person or employee<\/span>.<\/p>\n<p><strong><span style=\"text-decoration: underline;\">What is \u201cPhishing?<\/span><\/strong><strong>\u201d <\/strong>In a \u201cphishing\u201d attack, an attacker uses an email sent to a <strong>broad group of recipients<\/strong> (and not targeted to a specific group) to\u00a0<strong>impersonate a company or business<\/strong> in an effort to get you to reveal personal information or login IDs\/passwords, or to install malware or exploit a security hole on your computer.\u00a0 It generally uses an official-looking email and website to gather information, and often contains the logo(s) of the company it is impersonating.<\/p>\n<p><strong><span style=\"text-decoration: underline;\">What is \u201cSpear Phishing?<\/span><\/strong><strong>\u201d <\/strong>In a \u201cspear phishing\u201d attack, an attacker uses an email <strong>tailored for a specific group of recipients<\/strong> (e.g., a group of employees at a specific business), often <strong>impersonating an individual such as someone from your own company or business,<\/strong> in an effort to get you to reveal personal information or login IDs\/passwords, to steal money or data, or to install malware or exploit a security hole on your computer.<\/p>\n<p><strong><span style=\"text-decoration: underline;\">How do I spot a phishing or spear phishing email<\/span><\/strong><strong>?\u00a0 <\/strong>Look for one or more of these key indicators that an email in your inbox is actually a phishing or spear phishing attack.<\/p>\n<ul>\n<li><span style=\"text-decoration: underline;\">The email has spelling or grammatical errors<\/span>. 
A phishing or spear phishing email often contains spelling or grammatical errors, and does not appear to be written by a business professional.<\/li>\n<\/ul>\n<ul>\n<li><span style=\"text-decoration: underline;\">You do not recognize the sender\u2019s email address<\/span>. If you get an email asking you to click on a link or open an attachment, look carefully at the email address of the sender.\u00a0 Be especially alert for email addresses that are similar to, but not the same as, your company\u2019s email address (e.g., \u201cjoe.johnson@microsoft.co\u201d instead of \u201cjoe.johnson@microsoft.com\u201d).<\/li>\n<\/ul>\n<ul>\n<li><span style=\"text-decoration: underline;\">The email contains links that don\u2019t go where they say they do<\/span>. Before you click on a link in an email you don\u2019t recognize, \u201chover\u201d your mouse cursor over the link. A pop-up will appear showing you where the link will go.\u00a0 If the destination shown does not match the link text, it\u2019s probably a phishing or spear phishing attempt.\u00a0 In this example, this innocuous-looking link actually goes to a malicious website:<\/li>\n<\/ul>\n<p><a href=\"http:\/\/ericlambert.net\/blog\/wp-content\/uploads\/2015\/02\/Bad-link-sample.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-128\" src=\"http:\/\/ericlambert.net\/blog\/wp-content\/uploads\/2015\/02\/Bad-link-sample.jpg\" alt=\"Bad link sample\" width=\"597\" height=\"104\" \/><\/a><\/p>\n<ul>\n<li><span style=\"text-decoration: underline;\">The email asks you to open an attachment you don\u2019t recognize<\/span>. 
Many spear phishing emails ask you to open an attachment or click on a link.\u00a0 If an email you don\u2019t recognize asks you to open an attachment you weren&#8217;t expecting or that doesn&#8217;t look familiar, or to click on a link you don\u2019t recognize, don\u2019t click on it or open it, and check with your IT or Security department if you want to know for sure.<\/li>\n<\/ul>\n<ul>\n<li><span style=\"text-decoration: underline;\">The email seems to be a security-related email, or asks you to take immediate action<\/span>. Watch out for emails that state that your account will be suspended; ask you to reset, validate or verify your password, account information or personal information; or otherwise ask you to take immediate action to prevent something from happening.<\/li>\n<\/ul>\n<ul>\n<li><span style=\"text-decoration: underline;\">The email relates to a current news event<\/span>. Many phishing emails use a current news event, such as a natural disaster or security breach, to get you to provide information, click a link or open an attachment.<\/li>\n<\/ul>\n<ul>\n<li><span style=\"text-decoration: underline;\">The email contains information from your social media accounts or other public information<\/span>. Spear phishing attackers will often look at your public social media accounts (e.g., your Facebook feed, LinkedIn profile, tweets, etc.) 
and other public sources (e.g., Google searches) and use information about you or your friends to make a spear phishing email seem authentic.\u00a0 If an email contains personal information about you other than your name and email address, take a close look to ensure it\u2019s not a spear phishing attempt.<\/li>\n<\/ul>\n<p>If you think an email you received is a phishing or spear phishing attempt, (1) <strong>do NOT click or open any links or attachments in the email<\/strong>, (2) if you are at work, <strong>immediately<\/strong> <strong>contact your Security or IT department to report it<\/strong>, especially if you clicked on an attachment or link or otherwise took action before you realized this (failing to report it will be <span style=\"text-decoration: underline;\">much<\/span> worse, so don&#8217;t be embarrassed); and (3) <strong>delete the email immediately<\/strong>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cyber attacks such as the Anthem breach, the Home Depot breach, and the Target breach are becoming almost commonplace.\u00a0 Major cyber attacks compromising information about millions of people often start not with a bang, but a whisper &#8211; a \u201cphishing\u201d &hellip; <a href=\"https:\/\/ericlambert.net\/blog\/2015\/02\/23\/dont-get-hooked-phishing-spear-phishing\/\">Continue reading <span 
class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,8,12],"tags":[139,163,173],"class_list":["post-125","post","type-post","status-publish","format-standard","hentry","category-legal","category-nonlegal","category-technology","tag-phishing","tag-security","tag-spear-phishing"],"_links":{"self":[{"href":"https:\/\/ericlambert.net\/blog\/wp-json\/wp\/v2\/posts\/125","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ericlambert.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ericlambert.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ericlambert.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ericlambert.net\/blog\/wp-json\/wp\/v2\/comments?post=125"}],"version-history":[{"count":0,"href":"https:\/\/ericlambert.net\/blog\/wp-json\/wp\/v2\/posts\/125\/revisions"}],"wp:attachment":[{"href":"https:\/\/ericlambert.net\/blog\/wp-json\/wp\/v2\/media?parent=125"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ericlambert.net\/blog\/wp-json\/wp\/v2\/categories?post=125"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ericlambert.net\/blog\/wp-json\/wp\/v2\/tags?post=125"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}