Phishing attacks are probably familiar: cybercriminals send emails to millions of potential victims around the world to deceive, defraud or attack them. The messages usually appear to come from a trusted source, such as your bank or a friend, and often carry an urgent message or a business offer that seems too good to pass up. If you click the link in a phishing email, you may land on a website hosting malicious code that tries to break into your computer or to collect your login details. The phishing email may also carry an infected attachment; if it is opened, it will try to infect your computer and take control of it. The criminals send these emails to as many people as possible, on the assumption that the more people receive the message, the more will open it.
Although mass phishing is effective, a newer variant called spear phishing (targeted phishing) has developed. The idea is the same: attackers send emails to their potential victims in the name of a company or person the recipients trust. Unlike a traditional phishing campaign, however, a spear phishing campaign is narrowly targeted. Instead of mailing millions of potential victims, the criminals send very few messages, perhaps to 5 to 10 carefully chosen people. In contrast to general phishing, spear phishers research their targets beforehand, for example by reading their LinkedIn or Facebook profiles or the messages they post on public blogs and forums. After studying the possible targets, the attackers craft a highly customised email that appears relevant to the recipient, so the individual is far more likely to fall for it.
The effectiveness of spear phishing
Spear phishing is used when an attacker wants to compromise you or a company specifically, in order to reach confidential information such as business secrets, sensitive technology plans or confidential government communications. You may also be only the first stepping stone towards another person or company. Because the attackers stand to gain a lot, they are willing to spend time and money researching their targets. For example, a foreign government concludes that a company is developing a product or technology that is key to its economy and decides to attack it. The attackers study the company's website, identify a few key people and build a complete dossier on each of them. Having analysed the targeted individuals, they craft a spear phishing email, for instance in the name of one of the company's suppliers, with an attachment that looks like an invoice.
Even though the attachment is a malicious file, some 50–60% of the recipients are deceived into opening it, thereby giving the attacker access to their computers.
Spear phishing is a more dangerous threat than ordinary phishing because the attackers concentrate their effort on a few specific people. This not only increases the attackers' chances of success, it also makes the attacks harder to detect: a handful of well-crafted messages does not stand out the way a mass mailing does.
How much money do they earn?
Recently, thanks to the Gigaom portal, the black market price list used by cybercriminals became public knowledge. Prices can be as follows:
- Login details for a Facebook account with 1,000 friends: US$15
- Login details for a Twitter account with 10,000 followers: US$15
- A person's record (name, credit card number, other identifiers): US$4–5.
These prices may seem low at first, but in a major incident fraudsters typically collect such records millions of times over, which adds up to very large revenue overall.
How to defend
The first step in defending against targeted attacks is to accept that we can be targets: after all, we hold confidential information that someone else wants. The following measures help:
Limit the information about yourself that is publicly available, such as mailing lists and Facebook and LinkedIn profile data. The more personal information we share, the easier it is for an attacker to send us an email that looks relevant and genuine.
If an email asks you to open an attachment, contains a link that looks suspicious, or requests confidential information, check the message before acting. If it appears to come from a company or a person you know, look at the signature and the sender address, then contact the sender through a channel you already trust (not by replying to the email itself) and confirm that they actually sent it.
Keep in mind that no filter can stop every email-borne attack, least of all spear phishing. If an email seems odd at first glance, read it carefully, and if you suspect you have received a spear phishing message, or have already fallen for one, contact customer service or the people responsible for the security of your systems.
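The checks in the two points above (look at the sender and signature, treat an unexpected link or invoice attachment with suspicion) can be partly automated. The following Python script is an added example written for this article, not code from the original page; the sample message, the list of trusted supplier and bank domains, and the heuristics themselves are assumptions made for illustration. It parses a constructed raw email modelled on the supplier-invoice scenario described earlier and reports its tell-tale signs: a display name that borrows a trusted brand while the address domain is a lookalike, a Reply-To that diverts answers elsewhere, failed SPF and DMARC results recorded by the receiving server, a link whose visible text and real destination disagree, and an "invoice" attachment with a double extension.

```python
"""Heuristic checks for a suspicious e-mail (added example, not the page's code).
The sample message, trusted-domain list and heuristics are illustrative assumptions."""
import re
from email import policy
from email.parser import Parser
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: brands we deal with and the only domain each legitimately mails from.
TRUSTED_BRANDS = {"acme supplies": "acme-supplies.example", "mybank": "mybank.example"}
# Extensions an "invoice" should never have (executables, scripts, macro documents).
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".bat", ".hta", ".docm", ".xlsm", ".lnk", ".iso"}
ANCHOR_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def domain_of(addr: str) -> str:
    _, email_addr = parseaddr(addr)
    return email_addr.rsplit("@", 1)[-1].lower() if "@" in email_addr else ""


def check_headers(msg) -> list[str]:
    findings = []
    display_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = domain_of(from_addr)
    # Display-name spoofing: the name borrows a trusted brand, the domain does not match.
    for brand, domain in TRUSTED_BRANDS.items():
        if brand in display_name.lower() and from_domain != domain:
            findings.append(f"display name claims {brand!r} but From domain is {from_domain!r}")
    # Replies silently diverted to a different domain than the one shown in From.
    reply_domain = domain_of(msg.get("Reply-To", ""))
    if reply_domain and reply_domain != from_domain:
        findings.append(f"Reply-To domain {reply_domain!r} differs from From domain {from_domain!r}")
    # The receiving server's own SPF/DKIM/DMARC verdict, if it recorded one.
    auth = msg.get("Authentication-Results", "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        if f"{mech}=fail" in auth or f"{mech}=softfail" in auth:
            findings.append(f"{mech.upper()} failed according to Authentication-Results")
    return findings


def check_links(html: str) -> list[str]:
    findings = []
    for href, text in ANCHOR_RE.findall(html):
        shown = re.sub(r"<[^>]+>", "", text).strip().lower()
        if not re.match(r"(https?://)?[\w.-]+\.\w+", shown):
            continue  # link text is not itself a URL, nothing to compare against
        shown_host = urlparse(shown if "://" in shown else "http://" + shown).hostname or ""
        real_host = urlparse(href).hostname or ""
        if shown_host != real_host:
            findings.append(f"link text shows {shown_host!r} but points to {real_host!r}")
    return findings


def check_attachments(msg) -> list[str]:
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        pieces = name.split(".")
        ext = "." + pieces[-1] if len(pieces) > 1 else ""
        if ext in RISKY_EXTENSIONS:
            findings.append(f"attachment {name!r} has a risky extension {ext}")
        if len(pieces) > 2 and "." + pieces[-2] in {".pdf", ".doc", ".xls", ".jpg"}:
            findings.append(f"attachment {name!r} uses a double extension to pose as a document")
    return findings


def analyze(raw: str) -> list[str]:
    # Parse a raw RFC 5322 message and collect every indicator the checks above find.
    msg = Parser(policy=policy.default).parsestr(raw)
    findings = check_headers(msg) + check_attachments(msg)
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        findings += check_links(body.get_content())
    return findings


# Constructed sample: the "supplier invoice" spear phishing mail from the article.
SAMPLE = """\
From: "ACME Supplies Accounts" <accounts@acme-supp1ies.example>
Reply-To: billing@mail-relay-7.example
Authentication-Results: mx.target.example; spf=fail smtp.mailfrom=acme-supp1ies.example; dkim=none; dmarc=fail
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<html><body><p>Please review the attached invoice or view it online at
<a href="http://203.0.113.45/acme/login">https://portal.acme-supplies.example/invoices</a></p></body></html>
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="Invoice_4471.pdf.exe"

MZ-stub-not-a-real-binary
--b1--
"""

if __name__ == "__main__":
    for finding in analyze(SAMPLE):
        print("-", finding)
```

Run against the constructed sample, the script lists seven indicators; any one of them is reason enough to pick up the phone and confirm with the supplier through a number you already have, rather than replying to the message. Heuristics like these catch the crude version of the attack; a well-resourced spear phisher who registers a convincing domain, sets up SPF and DKIM for it and sends a clean PDF with the link inside will pass every check here, which is why the advice above stresses verifying out of band.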
It is also important to start security-conscious computer use early, because phishing does not go only after parents' bank details but also after Facebook account credentials, and it does not discriminate by age. Children should therefore be taught about the dangers and tricks described above as early as possible, and told that if they encounter a security warning, they should leave the site.