Spear-Phishing is a form of phishing attack that targets a specific person or organization, seeking access to sensitive information. Similar to phishing, this is done through spoofing emails that appear to be legitimate, but not to a bulk list of random email addresses. Whaling is similar as well, but is done by targeting high-ranking executives and attempting to gain access to their information or data.
What should SMB’s do to protect against Spear-Phishing Attacks?
Education is the key to providing solid protection for your company against spear-phishing, whaling, and phishing attacks alike. Testing your employees with Phish-testing is also an excellent way to hold people accountable. You should aim to reduce your “Click-Rates” down to less than 5% after completing 6 months to 1 year of staff training.
If you would like to learn more about Spear-Phishing, watch this short video:
CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:
- Cybrary (Cyber Library)
- Press Releases
- Instructional Videos (HowTo) – very helpful for our SuperUsers!
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.