Spear-Phishing

Spear-Phishing is a form of phishing attack that targets a specific person or organization, seeking access to sensitive information. Similar to phishing, this is done through spoofing emails that appear to be legitimate, but not to a bulk list of random email addresses. Whaling is similar as well, but is done by targeting high-ranking executives and attempting to gain access to their information or data.

Related Terms: Phishing, Whaling

What should SMB’s do to protect against Spear-Phishing Attacks?

Education is the key to providing solid protection for your company against spear-phishing, whaling, and phishing attacks alike.  Testing your employees with Phish-testing is also an excellent way to hold people accountable.  You should aim to reduce your “Click-Rates” down to less than 5% after completing 6 months to 1 year of staff training.

If you would like to learn more about Spear-Phishing, watch this short video:

CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like: 

• Blog
• Cybrary (Cyber Library)
• Infographics
• Newsletters
• Press Releases
• Instructional Videos (HowTo) – very helpful for our SuperUsers!

Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.