In November 2017, security researchers discovered a new spear-phishing campaign targeting employees who handled the company finances. These cybercriminals masquerade as business contacts the employees knew and trusted. To trick the employee into thinking the email came from a trusted business associate, the hackers spoofed the name that appeared in the From field so that it showed a known associate’s name.

The emails’ context varied, but all mentioned invoices. For example, the subject line of one email noted that an invoice was due. The email’s message read, “I tried to reach you by phone today but I couldn’t get through. Please get back to me promptly with the payment status of this invoice below.” The message included a link for the recipient to click to see the invoice.

In another case, the email’s subject line mentioned an address update, but the message also alluded to an invoice. The message read, “I’m providing you with my new address and invoice details below.” The message included a link for the recipient to click to get the new address and invoice.

In both cases, the email itself was harmless and could simply be deleted. However, if the email recipients clicked the link, they triggered a cyberattack.

The following three-phase approach can help protect your business from spear-phishing attempts.

Phase 1

Employees cannot fall for spear phishing scams if the emails never reach their inbox. Prevent as many malicious emails as possible from reaching your employees by filtering your company’s email and ensuring your anti-malware tools are up-to-date,  An email security solution designed to catch spear phishing and other types of malicious emails can be added to your security approach as well.

Avoid putting personal information, such as individual company contacts names and emails is another preventive measure making it more difficult to target your employees. Cybercriminals often obtain the information they need to personalize spear-phishing emails from company websites and social media networks. Keeping potentially sensitive information (e.g., employees’ email addresses and job titles) from your company’s website or social media pages will add an additional level of protection.

Phase 2

Despite your efforts to prevent spear-phishing emails from reaching employees’ inboxes, there is no method that is 100% guaranteed. For this reason, it is important to educate employees on how to spot these scams. Common signs include:

  • A deceptive URL (the actual URL does not match the displayed linked text or web address)
  • An email attachment
  • The sender tries to get the recipient to perform an action (e.g., click a link or open an email attachment)

When discussing spear-phishing scams with employees, stress the importance of not clicking links in emails, even if the emails appear to be from people they know. They should also check for deceptive URLs and spoofed names in the “From” field. If the URL or email address seems suspicious, have them call the email’s sender to make sure the person sent it.

Phase 3

Cybercriminals are becoming more skilled at creating spear-phishing emails and even if your employees understand the basics on how to spot one, it is best to take measures that will help mitigate the effects of a successful attack. One effective measure is to regularly perform backups and test the backup files. Having restorable backup files ensures valuable data is not lost.

Develop a Layered Plan of Action

The specific steps required in each phase will vary depending on the security measures already in place in your company. MicroAge IT Solutions can assess your security defenses and help to develop an action plan. We can also provide recommendations on how to protect your business from other types of malicious attacks.

Call or email us today at 877-309-1919 or sales@microage.cc


Leave a Reply