Most of us have heard of phishing, a very popular method of phishing for personal information and infecting internet-connected devices. Recently, however, criminals have begun to specialise in a more advanced form of such attacks, namely spear phishing. What exactly does this involve? Find out in our guide.
Spear phishing, or what is it?
Spear phishing is a personalised hacking attack, which – as the name suggests – targets specific Internet users. In contrast to standard phishing, criminals do not act blindly here, but rather try to get to know their victims beforehand. For this, they primarily use social media, track our online activities and collect valuable information.
For example: If you are a member of Facebook groups on the subject of football, you can expect to receive emails with references to football in the subject line and in the body of the email. Such an email will be accompanied by a suspicious link – if you click on it, it is likely that malware will be installed on your device or that you will be taken to a site designed only to trick you into providing personal information.
Criminals can track our online behaviour for weeks, using special scripts and applications. Once they are sure what you are interested in, they create personalised messages with suspicious links. Often, the email even contains a direct message to the recipient, e.g. “Hey Tom, I know you’re interested in football, so I’m sending you a link to a page where you can find interesting facts about Robert Lewandowski’s life”.
Spear phishing is a growing problem, and this is due to the fact that we ourselves share a lot of information about ourselves, share email addresses with various parties and do not control who actually comes into possession of this data. So pay attention to this and remember never to click on links attached to an email from an address you do not know.