Answer:
Answer by Randy Carey: From the John Hopkins Institutions Information Technology website:"Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the purported source of the e-mail is likely to be an individual within the recipient's own company, and generally someone in a position of authority."
Answer:
Answer by John Burnett: I'll add that spear phishing attempts are often targeted at publicly-known individuals in a company, often upper and middle managers or officers. Many spear phishing emails include information about the addressee's business or company that tend to make the email appear more credible.
First published on BankersOnline.com 4/13/09
print
share