Spear Phishing- An inside view

 Spear Phishing- An inside view

Phishing is the falsified practice of sending emails claiming to be from trustworthy companies in direction to induce individuals to disclose personal information, such as passwords and credit card numbers, online Spear phishing is an e-mail spoofing scam attempt that targets a specific organization, in quest of unauthorized access to confidential data. Spear phishing attempts are not typically initiated by "random hackers" but are more likely to be led by offenders out for financial gain, trade secrets.

Who will win the battle - Spammers or Service Providers?

A software professional working for a banking client gets an email one morning. The email appears to be from the support team and it states that his account has been locked and he will not be able to perform his tasks that day unless he resets the password. The email also gives him a link where he could reset his password. In a hurry to start working on his pending work, he clicks on the link and resets his password as directed. But, this time he gets locked out of his account for REAL. Upon contacting the actual support team, they inform him that the link that he clicked on was a phishing link and when he entered his credentials, he literally gave his credentials to the phisher.

Such incidents are the sources of big successes to a spammer and an immeasurable loss to the banking firm. These result in a spammer’s entry into the bank architecture and access to the most confidential information. How can such a situation be avoided?

Subscribe to RSS - Phishing