Spear phishing a continuing and growing problem

Mar 21, 2016 9:35am

An increasingly prominent form of phishing is targeting individuals in order to obtain personal information – and the scale can be quite grand. Take for example a company in Springfield, which “fell victim to a phishing scam” that gave criminal hackers access to “information for about 1,000 employees.” Spear phishing, as it is called, is particularly dangerous because it uses familiarity against the victim.  Using his or her name, e-mail, and any information accessible to the phisher – most any readily available information that hackers can find on our social network pages – in an attempt to compromise the victim’s system. This can range from a single individual’s credit card information, to the W-2 information of a company’s entire employee roster. If and when they gain access to this information, criminal hackers can then use employee’s information to “file fraudulent returns, usually all stored in one form called a W-2.

As spear phishing becomes more prominent, individuals need to be more wary when responding to emails requesting personal information. Monitoring online presence is the first step toward securing personal information, i.e. thinking twice before revealing a personal email address on facebook, but individuals can also take precautions against spear phishing by ignoring suspicious emails from banks or businesses requesting personal information. “Legitimate businesses don’t ask you to send sensitive information through insecure channels,” so if you receive an email asking for confirmation on credit card or bank account numbers, etc, delete it – even if they threaten to close your account if you do not respond.