InfoWorld: 10 reasons why phishing attacks are nastier than ever

/Home/Internet Security: Articles/Internet Security: InfoWorld/InfoWorld: Phishing

Forget Nigerian princes -- today's spearphishing is sophisticated business, fooling even the most seasoned security pros

By Roger A. Grimes
Nov 9, 2015

Phishing emails have been the scourge of the computer world for decades, defeating even our best efforts to combat them. Most of us can easily spot them by their subject lines and delete without even opening. If we're not entirely sure and end up opening them, we can immediately identify a phishing attempt by its overly formal greetings, foreign origins, misspellings, and overly solicitous efforts to send us millions of unearned dollars or to sell us dubious products. Most of the time, phishing attempts are a minor menace we solve with a Delete key.

Enter spearphishing: a targeted approach to phishing that is proving nefariously effective, even against the most seasoned security pros. Why? Because they are crafted by thoughtful professionals who seem to know your business, your current projects, your interests. They don't tip their hand by trying to sell you anything or claiming to have money to give away. In fact, today's spearphishing attempts have far more sinister goals than simple financial theft.

Here's a look at what sets today's most sophisticated spearphishing attempts apart -- and how to keep from falling prey to their advances.

Click the URL above to read the full article