Microsoft’s Security Blog recently published an excellent article covering a growing trend in security attacks. Written by Diana Kelley, Cybersecurity Field CTO, and Seema Kathuria, Senior Manager, Cybersecurity Solutions Group, it cleverly describes spear-phishing campaigns that are highly focused and successful.
These attacks do not target large or broad email lists, but rather a specific person within an organization. Experienced tech executives and senior managers have fallen for them, giving an outside threat access to money or sensitive information.
Here are some typical profiles that can help identify an attack:
- A familiar email address with a barely perceptible spelling error in the domain or the name, one that is easily overlooked.
- Pressure and an urgent request that typically breaks corporate policy, such as expediting a payment without the usual validations and chain of approval.
- Language that instills fear or unusual affinity. One example from the blog entry: “the impersonated CEO might say you’re letting them down if you do not make the urgent payment.”
- Vocabulary or terminology that is not typically used by the sender of the email.
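The first two indicators above lend themselves to an automated pre-check. The following is an added example, not code from the Microsoft blog post; it assumes a constructed trusted-domain list (`contoso.com`) and a hand-picked set of urgency phrases, and flags a sender domain that is one or two characters away from a trusted domain, plus any urgency wording in the body.

```python
# Added example (not from the Microsoft blog post): flag a sender domain that
# narrowly misspells a trusted domain, and urgency wording in the message body.

TRUSTED_DOMAINS = {"contoso.com"}  # constructed sample, not a real domain list
URGENCY_PHRASES = ("urgent", "immediately", "today", "letting me down", "wire")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; catches one- or two-character domain typos."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete a character
                           cur[j - 1] + 1,         # insert a character
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def lookalike_domain(sender: str, trusted=TRUSTED_DOMAINS):
    """Return the trusted domain the sender's domain imitates, else None."""
    domain = sender.rsplit("@", 1)[-1].lower()
    if domain in trusted:
        return None  # genuine internal sender
    for t in trusted:
        if edit_distance(domain, t) <= 2:
            return t
    return None


def phishing_indicators(sender: str, body: str) -> list:
    """Collect the indicators from the list above that a message trips."""
    hits = []
    target = lookalike_domain(sender)
    if target:
        hits.append(f"sender domain imitates {target}")
    lowered = body.lower()
    for phrase in URGENCY_PHRASES:
        if phrase in lowered:
            hits.append(f"urgency phrase: {phrase!r}")
    return hits


if __name__ == "__main__":
    # Constructed sample message imitating the CEO from a near-miss domain.
    print(phishing_indicators("ceo@contoso.co",
                              "Please process this urgent payment today."))
```

A real deployment would also compare the display name against the address and keep the phrase list tuned to the organization's own vocabulary, the fourth indicator above.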
Steps to effectively reduce attack vectors:
- Use a modern two-factor authentication technique.
- Deploy tools that will intercept the email before it gets to its target, such as Microsoft Advanced Threat Protection (ATP) anti-phishing.
- Communication within a team is vital. Talking among co-workers, for instance to confirm an unusual request, can effectively reduce these risks.
You can find the original entry at Microsoft’s Security Blog.