What is Spear Phishing?
Answer by Randy Carey and John Burnett, BOL Gurus Guru Bio
Question: I understand the meaning of “phishing”. Can someone please explain what “spear phishing” means? How does it differ from “phishing”?
Answer by Randy Carey: From the John Hopkins Institutions Information Technology website:
"Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the purported source of the e-mail is likely to be an individual within the recipient's own company, and generally someone in a position of authority."
Answer by John Burnett:
I'll add that spear phishing attempts are often targeted at publicly-known individuals in a company, often upper and middle managers or officers. Many spear phishing emails include information about the addressee's business or company that tend to make the email appear more credible.
BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.
Print Friendly!
Email This Article!
Discuss NOW!
