In the modern day, most of us are educated on the danger of cyber attacks, along with the destruction they can potentially cause. One of the most common cyber attacks is known as “phishing”.
These well-known attacks continue to diversify, just like the technology that they aim to exploit. Attackers are trying to find new ways of targeting users.
In recent times, a new type of phishing attack has been created – called a Spear Phishing attack. In this article, we look at both, and provide the difference between the two.
Background
Traditional phishing attacks are known by most. These attacks are usually conducted by attackers sending emails to a wide array of email addresses. These addresses will have notmally been illegally gained.
The attackers work on the assumption that by sending a generic email to a mass amount of users – that some will fall for the ruse. The attackers aim to dupe their victims into doing what they want.
How does a phishing attack work?
A phishing attack normally appears in the form of an email that has supposedly been sent from a reputable source like Amazon, eBay, or in most cases – a bank.
The general aim is for the user that receives the email to either open an attachment (which is infected with malicious code, unbeknownst to the user), or click on a link within the email.
The email will typically be asking users to confirm their details, unfreeze an account, unblock an account, or to check an unauthorised payment. The emails are designed to cause panic, and for the user to make a rash decision, such as entering their details quickly.
The link is actually fraudulent, and the user logs in to a website that they believe is legitimate. Instead, the attackers are able to gain sensitive details from users, such as passwords or bank details.
Either way, the user gives away crucial information, and may see their bank account being emptied, information sold on, or even identity theft take place.
What is a Spear Phishing attack?
A spear phishing attack however is different. A spear phishing attack does follow the same principles as a regular phishing attack, including seemingly coming from a trusted source.
Yet while a traditional phishing attack targets as many people as possible in one hit, a spear attack will intead be more intricately crafted – with the aim of targeting just a few people, or in some cases, just one person.
The general aim of this attack is someone in a senior corporate position, or someone who holds crucial or classified information. Technically however, anyone can be a target of a spear phishing attack.
The attacker will spend time on constructing their email. They will often carefully investigate their target – trawling through the internet to look for any specific information that they can use in the email to make it look more legitimate.
The aim is to then coax important or financial information out of their target. The information received can be very powerful, and cause significant damage. Spear phishing attacks are more rare, but can be more devastating.
How to protect yourself
Phishing and spear phishing attacks are worrying things. However, there are things that we can all do and measures we can take to protect ourselves.
Firstly, turning on two-factor authentication can be a useful way to keep out attackers. In this case, whenever a new device tries to sign in to an account, the user will be prompted to enter a verification code which will normally be sent to a phone. Therefore, as long as the attacker doesn’t have the phone and password details, they will not be able to access the account without the user’s approval. As a result, two-factor authentication can be an excellent tool to keep safe.
Another simple but effective measure is to regularly change your password. By doing this, if your information is unfortunately passed on, it could be outdated, which can limit the damage.
Finally, strong AntiVirus software can often detect phishing emails and warn you of suspicious links. We recommend steering clear of Norton – you can see why at this link.
But either BitDefender or McAfee can be excellent choices. You can see some offers below for these products.
The Takeaway
So while traditional phishing attacks target huge numbers of people, spear phishing attacks are targeted instead at a smaller number of people.
It is important to be aware of these different attacks, and to always be careful and exert caution when opening emails from those you don’t know.
It is easy to fall victim to either of these attacks. Both at their worst can have catastrophic effects. But by taking the correct measures to protect ourselves, safety is possible.
READ MORE
If you click on some of the links and go on to make a purchase via a link, Generation95 may receive a small commission based off of this. Please note that any financial incentive does not compromise our editorial values. We continue to put out customers first, above income on untested or unreliable products.
