SOCRadar® Cyber Intelligence Inc. | How to Identify Spear Phishing?


Mar 25, 2022
5 Mins Read

How to Identify Spear Phishing?

Successful spear phishing accounts for up to 95 percent of all attacks on enterprise networks. Because of the proliferation of COVID-19, attacks escalated in 2020, with hackers preying on stay-at-home workers who aren’t protected by in-office IT security solutions

What is Spear Phishing?

Spear phishing is a targeted email attack that uses luring, impersonation, or access-control bypassing tactics to collect sensitive information. In a typical phishing attempt, the attacker sends emails at random to persuade victims to open attachments carrying malware or click on links containing a virus. 

In spear phishing, on the other hand, the attackers send emails to specified targets. They can use socially engineered content asking the victim to share sensitive information such as passwords, financial information, or other sensitive information that is not supposed to be shared without proper consent and using fake links and compromised attachments. 

How Spear Phishing Works?

A simple diagram describing a typical spare phishing attack.
A simple diagram describing a typical spear phishing attack.

Spear phishing is carried out — and is successful — through reconnaissance, which entails cybercriminals researching victims to impersonate a trusted figure such as a friend, boss, coworker, or family member. Spear-phishing assaults are frequently linked to hacktivists and government-sponsored hackers. 

Because these attacks are carefully planned and personalized to the target, they frequently rely on publicly available data, most of which can be accessed on social media sites such as Facebook, Twitter, and LinkedIn. Cybercriminals might exploit email addresses, social relationships, physical location, and information acquired from public posts to lend credibility to their message using information gathered on these sites. 

RSA Phishing Attack

The phishing attack on RSA in 2011 started with this email.
The phishing attack on RSA in 2011 started with this email.

Let’s take the example of RSA, a security firm, to demonstrate this point. The hacker pretended to be a firm employee and sent an email to a group of employees with a document attached. “Recruitment Plan” was the subject of the email. The issue was that the attachment included a malicious file. You might now wonder, “What about the loss?” The cost is projected to be USD 66 million. This incident occurred in 2011. 

This is just one illustration. There are plenty of such examples, and against popular belief, spear-phishing does not target only businesses. This type of attack is becoming more common among small and medium-sized enterprises. 

How to Identify a Spear Phishing Attack 

Examine the Sender of the Email

If there is any suspicion, it may be necessary to double-check the sender.
If there is any suspicion, it may be necessary to double-check the sender.

When we get an email, we frequently see the sender’s name. The attackers can easily impersonate someone who sends you emails regularly. If you receive an email asking you to disclose sensitive information that should not be supplied by email or without adequate verification, don’t just trust the sender’s name; double-check the email address. 

Make Contact Through Phone Call

Don't hesitate to call customer services if you're suspicious about spear phishing.
Don’t hesitate to call customer services if you’re suspicious about spear phishing.

A spear-phishing email assault can be so devastating that the receiver receives no warning. An attacker can spoof your name, email address, and even the email format you get regularly. If the email’s demand is essential and could result in worse difficulties if the information is leaked, don’t hesitate to call the sender to confirm the email’s legitimacy and the requested information. 

Scan Links and Attachments

Examine who sent the email to see if the attachment is legitimate.
Examine who sent the email to see if the attachment is legitimate.

Many spear-phishing emails include attachments that contain embedded malware or forms that require you to provide your most personal information. Malware is usually delivered as a .exe file, .zip files, PDF, Word, and Excel documents are also regularly used. 

Examine who sent the email to see if the attachment is legitimate. Hovering your mouse over the “from” address will do the trick. Using graphics instead of words is one of the most current strategies hackers use to circumvent detection by protection and security software. 

Daily Monitor Phishing Trends & Statistics with SOCRadar

SOCRadar's Phishing Radar shows you the latest trends.
SOCRadar’s Phishing Radar shows you the latest trends.

Research shows that the primary infection vector of threat actors is phishing. Using this method, attackers create system breaches and access sensitive data. SOCRadar helps you maintain a proactive and robust security approach against phishing threats. It presents global trends and statistics in context and brings the latest attacks back to your feed with meaningful data. It allows you to create filters specific to your industry if you wish.

You can get a preview of the threat landscape for your domain by using SOCRadar’s free Phishing Radar service.

Discover SOCRadar® Free Edition

With SOCRadar® Free Edition, you’ll be able to:

  • Discover your unknown hacker-exposed assets
  • Check if your IP addresses tagged as malicious
  • Monitor your domain name on hacked websites and phishing databases
  • Get notified when a critical zero-day vulnerability is disclosed

Free for 12 months for 1 corporate domain and 100 auto-discovered digital assets.
Get free access