Recently we have witnessed some extremely high profile and dangerous cyber attack. High profile – because these attack happen simultaneously in few countries. I am talking about the cyber attack that took place in UK and other European countries in May 20, 2017.
An attack like this shows us, what happen to people and their life, when some of the lifesaving system become un-accessible. It teach us, we need to be vigilant when we are online.
So how these attack took place ? Answer is – in many ways. But I am going to talk about a specific kind of attack that can happen against anyone. It’s called “Spearphishing”
What is Spearphishing ?
Spear Phishing is a scam. An attacker will send an email to you, disguise as a friend or a business and collect your information. Attacker then use those information and steal money from you.
How Phishers Select You ?
One of the common place is Facebook. Most people like to share every detail of their life. Phisars collect these information from their Facebook account. So they know your name, your contact email, phone, address and a good understanding about your personality.
How Spear phishing Attack Happen ?
I am going to use an example to describe this. Let say you bought an expensive lens for your Nikon digital camera. And posted this in Facebook. Phisars learn about this. Then they start their attack.
Step 1: After your buy the lens, few days later your received an email. Now this email came from your Credit card company and they are saying their have some error happen and your card has been charged few times and they need to rectify the issue.
Step 2: They are also saying they have included a link with the email. And you need to click the link and answer few security question. Then the credit card can start fixing the multiple charge issue.
Step 3: You – who is now worried about your money, will click the link to fix the problem.
Step 4: The moment click the link, it will take you to a friendly looking website where the phisars already included some malicious code. The code will give the attacker direct control of your computer and your would not even know about it.
Step 5: As the phisars have control over your system, they can now collect any information they want and use them to steal money from you.
Now this is just an example. But actual like this happen on a regular basis. A big example of phishing attack was the September 2015’s Democratic National Committee’s cyber attack Attack.
Protection Against Spearphishing
There is no actual protection against Spear phishing. Staying alert is the only defense.
Writer – Rubayat M.