As much as I would love to say that spear-phishing is a lake or ocean fishing expedition, it’s not. In the technological world, spear-phishing is a term used when someone is attempting to steal sensitive information, specifically from an individual. They do a reconnaissance mission of a person’s information such as where they live, who their friends are, who they work for, places they like to eat, and where they shop online.
Once their information reconnaissance is complete, they make their move. Through email or direct messages, they will pretend to be someone’s friend, or disguise themselves as a representative from the target’s financial institution, or favorite store and trick victims into spilling all the beans of their important personal information. Passwords and account information, you name it, they will try to get. They can be very convincing too when using a company’s name and logo, or that of a personal contact whom they know inside an organization, such as a financial advisor or accountant. Victims trust those individuals enough that they may not consider that it isn’t them at all.
Unfortunately, because spear-phishing is hard to detect, it is becoming more and more common. There are ways for you to spot these attacks and use preventative measures from being targeted. Overall, if you are more aware of what spear-phishing actually is, you can be more attuned to the information you are giving out and better protect yourself.
Photo by Stephen Momot on Unsplash