Spear Phishing Cybersecurity Attacks: Here’s What Businesses Need to Know

A recent story in CBS news, written by Dan Patterson, senior producer, and Graham Kates, investigative reporter, describes an email that Patterson opened up that he thought was from a close friend, but it turns out was really from a hacker. The attack itself was not real – Patterson and Kates had asked a cybersecurity company that works with CBS to hack them, but the event brought to light a problem that affects one out of every seven emails sent in a professional setting: spear phishing.

Spear phishing is a common practice used by hackers. They send out fraudulent emails that appear to be from a trusted sender to entice targeted individuals into sending confidential information or performing a seemingly-legitimate action. Many hackers spend time researching a victim’s family, friends, interests, or colleagues’ names and provide identifying details such as email addresses, names or photos to make the email seem authentic. The attack is successful if the victim follows the request of the cybercriminal.

At Rose & Kiernan, Inc., we definitely take steps as an organization to step up our own defenses against spear fishing and training of our employees and clients. As a business, there are steps that you can take to protect your organization from spear phishing:

  • Regularly train your employees on identifying spear phishing attempts; show them what to look for.
  • Encourage employees not to give out too much personal information online, especially on social media. Personal information from someone’s LinkedIn profile can be a valuable source for hackers.
  • Establish, update and maintain a response procedure where employees are urged to report an attack and take immediate action.
  • Consider setting up duo two-factor authentication for logins and also multi-step approval processes for actions such as funds transfers.

Of course, cybersecurity insurance is important and recommended, as it helps a business recover from a security breach or other cyber event.

For more information on Rose & Kiernan’s cybersecurity risk management, please contact us at techrisksolutions@rkinsurance.comClick here to learn more about cybersecurity insurance.

Post a Comment

Your email address will not be published. Required fields are marked *

Related Posts

ransomware attacks
Ransomware Attacks are Increasing: Here’s What Businesses Need to Know

Recent reports show an increase in ransomware attacks. Here are some recommendations and best practices for businesses to improve their cybersecurity.

Read More

cloud-based email compromises
Cloud-Based Email Compromises are Increasing: Here’s What Businesses Need to Know

Recent reports show an increase in cloud-based email compromises. Here are some recommendations and best practices for businesses to improve their cybersecurity.

Read More

A New Cybersecurity Threat: Understanding Fileless Non-Malware Attacks

Fileless non-malware tactics are being used to stealthily infiltrate cybersecurity systems and many organizations aren’t equipped to detect or defeat these tactics. We discuss what businesses can do to combat fileless methods of attack and protect cyber assets.

Read More