Spear-phishing hooks
Written by Anthony Voigt Wednesday, 16 November 2011 18:46
Imagine getting an email that seems to come from a good friend urging you to open a joke attachment: it would be hard to resist. But if you’re not careful, that humorous email attachment could actually contain a hidden trojan that can be secretly installed on your computer. If that happens then you’re in trouble, because the trojan can then track and record all your subsequent computer use, including the times you conduct online banking.
The risk of this is growing as cyber-criminal activity is increasingly becoming more focussed… and hence more effective.
A perfect example is the shift in phishing techniques away from wide-scale spam phishing emails to targeted, personalised attacks. These attacks are known as ‘spear-phishing’ as they target individuals or just small groups. They take the form of tailored, personal emails. They can sometimes appear to come from reputable organisations or even from friends and family – so they’re harder to spot.
CSO Magazine just released a timely reminder Four spear-phishing hooks for the holidays outlining the types of spear-phishing attacks that we might expect over the holidays. Check out these four potential spear-phishing tactics to look out for.
'Kick off your holiday shopping with this 10% off coupon'
If you’ve signed up for email communications from an online shop or even your local shopping centre, then you wouldn’t be surprised to receive a holiday discount offer. But if you do get one, you might be advised to avoid any links or discount coupons embedded within the email and go straight to the website to check out the offer – you never know.
'We (eg, your employer) would like to thank you for your hard work this year and invite you to enter our holiday raffle'
If you received an email at work offering you the chance to enter into a company raffle would you believe it? Before inputting your personal details into an emailed form, it might be advisable to check it’s legitimate. It could be a tactic to steal your personal information.
'An inspection has turned up mould/electrical wiring issues/air-conditioning problems in a number of buildings. Click here for details'
Imagine receiving an email that seems to come from your building supervisor, advising of the risk of a serious building problem. Common curiosity mixed with concern would prompt many people to click on the attachment to see if their building is affected. But of course, that attachment (masquerading as a harmless spreadsheet) might actually contain a trojan… in which case see tactic 1.
'As part of our payroll system migration program, please enter your updated information to avoid interruption of your direct deposit'
Before providing all your personal bank details to cyber-criminals it would be sensible to check on the veracity of any email like this. It might be legitimate, but then it might not.
As CSO finishes in saying: while we don’t have to be suspicious of everything; it’s prudent to be slightly suspicious.
- About
- About Brighton ConsultingLearn more about how we operate at Brighton Consulting.
-
Corporate OverviewOur history, where we've been and what we do.
-
Our TeamAn introduction to the people who make up the Brighton team.
-
Project PortfolioView our extensive print and digital design portfolio.
-
AffiliatesWe pride ourselves on developing strong relationships with others.
-
ContactDo you have any questions? View our contact details here.
-
CareersWant to join our team? Learn more about opportunities at Brighton.
- Products
- Our Range of ProductsA range of products that streamline business functions and online capability.
-
Byond Online PublisherRead about our enterprise level Content Management System.
-
FormMasterA program to create, edit and manage online forms.
-
Byond IntranetA feature-rich, powerful, fully-supported intranet solution.
-
InfoCastEnsure HLKFS compliance and generate leads
-
Mobile WebsitesAllow customers to interact with you via mobile devices.
-
EIVSOnline acquisition with Electronic Identity Verification System.
-
FactCastAn automated tool for document downloading and lead management.
-
PHISHQUIZTest your knowledge of fraud with our online quiz.
-
CUtipsEngage consumers with our online football competition.
-
CalculatorsA suite of highly-functional, cost-effective online calculators.
-
OtherFind out about other products offered by Brighton Consulting.
- eBusiness Service
- Brighton Consulting's eBusiness ServiceAn integrated eBusiness Service for websites, intranets and online marketing.
-
OverviewWhat you can expect from our eBusiness Service.
-
BenefitsThe benefits you gain from our eBusiness Service.
-
Website DevelopmentAt Brighton we have a specific approach to website development.
-
eMarketingeMarketing is elemental to our eBusiness Service.
-
Tools and FunctionalityInnovative tools to increase online sales, and improve service.
-
Website SupportOur ongoing support services for eBusiness clients.
-
SystemsThe key systems behind our eBusiness Service.
-
SecurityOur extensive information management security practices.
-
StrategyHow we work together to achieve your goals and objectives.
- Security
- Marketing
- Brighton's Marketing ServicesUtilise our marketing resources and expertise to achieve your business goals.
-
Planning and ConsultingTailored planning and consulting services to match your needs.
-
BrandingWe're a one-stop-shop for all your branding requirements.
-
Marketing SupportComprehensive day in, day out marketing support.
-
Aggregated CampaignsHigh-quality, yet cost effective marketing campaigns.
-
Campaign ServiceCustomised campaign services to meet your communication needs.
-
Member Contact ProgramImprove your member service effectiveness and efficiency.
-
CommunicationsEffective solutions to your communication needs.
-
Newsletter ServiceCommunicate key information with our Newsletter service.
-
BenchmarkingAn annual aggregated benchmarking service.
- Design
- Brighton's Design ServiceA comprehensive design service which can cater for branding, web, print and much more.
-
BrandingA one-stop shop for all your branding requirements.
-
WebAn exhaustive digital design service.
-
PrintProfessionally-designed print designs to meet your needs.
-
Internet Banking RedesignWe can redesign the look and feel of Internet Banking systems
- Websites
- Website RedevelopmentAt Brighton we have a specific approach to website development.
-
Sales Driven ChannelGenerate online sales leads through your website.
-
Design and UsabilityWebsite design founded on extensive industry experience.
-
Browser CompatibilityEnsuring functionality on various web browsers.
-
SEOOur comprehensive approach to Search Engine Optimisation.
-
Internet Banking RedesignWe can redesign the look and feel of Internet Banking systems
Comments