Spear Phishing – Don’t Take the Bait!

Background Story

Group One uses state-of-the-art technology to protect our clients from malicious attacks from the outside. But there is one thing that is almost impossible to protect against: end users clicking on a spear phishing attachment and inviting a virus onto their PC — and thereby — into the company network.

Spear Phishing Attacks

One technique hackers use is called “spear phishing”. Essentially, spear phishing attempts are directed at specific individuals or companies. Attackers may gather personal information about their target to increase their probability of success. This technique is, by far, the most successful on the internet today, accounting for 91% of attacks.

For example, one of our clients listed their email addresses on their website. A hacker then gathered all the emails from their website and crafted the below message:

Spear Phishing

 

Good News

Before it could spread into the network beyond the one user’s workstation, Group One IT’s protection systems shut the Crypto Virus down.

This could have been very bad.  This was a version of the “Cryptolocker” ransomware virus similar to the one that recently infected a hospital in southern California. If this virus brought an entire hospital to a grinding halt, think of what it could do to your organization.

Better News 

We were able to restore the user’s data back to the most recent backup.  He was up and running again in less than two hours, and he only lost a few hours of work. A few hours. Consider that viruses just like this one have been known to take down entire organizations — not for hours, or days or even weeks — permanently. When an effective ransomware spear phishing virus is completely successful and wipes out an entire database, many companies are simply unable to recover and ultimately close their doors.

Moral of the Story:

Don’t click on attachments without knowing that the sender is legit.