Accessibility Statement Skip Navigation
  • Why PRWeb
  • How It Works
  • Who Uses It
  • Pricing
  • Login
  • GDPR
  • Create a Free Account
Return to PRWeb homepage
  • News
  • Resources
  • Contact
When typing in this field, a list of search results will appear and be automatically updated as you type.

Searching for your content...

No results found. Please change your search terms and try again.
  • News in Focus
      • Browse News Releases

      • All News Releases
      • Multimedia Gallery

      • All Multimedia
      • All Photos
      • All Videos
  • Business & Money
      • Auto & Transportation

      • Aerospace, Defense
      • Air Freight
      • Airlines & Aviation
      • Automotive
      • Maritime & Shipbuilding
      • Railroads and Intermodal Transportation
      • Supply Chain/Logistics
      • Transportation, Trucking & Railroad
      • Travel
      • Trucking and Road Transportation
      • View All Auto & Transportation

      • Business Technology

      • Blockchain
      • Broadcast Tech
      • Computer & Electronics
      • Computer Hardware
      • Computer Software
      • Data Analytics
      • Electronic Commerce
      • Electronic Components
      • Electronic Design Automation
      • Financial Technology
      • High Tech Security
      • Internet Technology
      • Nanotechnology
      • Networks
      • Peripherals
      • Semiconductors
      • View All Business Technology

      • Entertain­ment & Media

      • Advertising
      • Art
      • Books
      • Entertainment
      • Film and Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • View All Entertain­ment & Media

      • Financial Services & Investing

      • Accounting News & Issues
      • Acquisitions, Mergers and Takeovers
      • Banking & Financial Services
      • Bankruptcy
      • Bond & Stock Ratings
      • Conference Call Announcements
      • Contracts
      • Cryptocurrency
      • Dividends
      • Earnings
      • Earnings Forecasts & Projections
      • Financing Agreements
      • Insurance
      • Investments Opinions
      • Joint Ventures
      • Mutual Funds
      • Private Placement
      • Real Estate
      • Restructuring & Recapitalization
      • Sales Reports
      • Shareholder Activism
      • Shareholder Meetings
      • Stock Offering
      • Stock Split
      • Venture Capital
      • View All Financial Services & Investing

      • General Business

      • Awards
      • Commercial Real Estate
      • Corporate Expansion
      • Earnings
      • Environmental, Social and Governance (ESG)
      • Human Resource & Workforce Management
      • Licensing
      • New Products & Services
      • Obituaries
      • Outsourcing Businesses
      • Overseas Real Estate (non-US)
      • Personnel Announcements
      • Real Estate Transactions
      • Residential Real Estate
      • Small Business Services
      • Socially Responsible Investing
      • Surveys, Polls and Research
      • Trade Show News
      • View All General Business

  • Science & Tech
      • Consumer Technology

      • Artificial Intelligence
      • Blockchain
      • Cloud Computing/Internet of Things
      • Computer Electronics
      • Computer Hardware
      • Computer Software
      • Consumer Electronics
      • Cryptocurrency
      • Data Analytics
      • Electronic Commerce
      • Electronic Gaming
      • Financial Technology
      • Mobile Entertainment
      • Multimedia & Internet
      • Peripherals
      • Social Media
      • STEM (Science, Tech, Engineering, Math)
      • Supply Chain/Logistics
      • Wireless Communications
      • View All Consumer Technology

      • Energy & Natural Resources

      • Alternative Energies
      • Chemical
      • Electrical Utilities
      • Gas
      • General Manufacturing
      • Mining
      • Mining & Metals
      • Oil & Energy
      • Oil and Gas Discoveries
      • Utilities
      • Water Utilities
      • View All Energy & Natural Resources

      • Environ­ment

      • Conservation & Recycling
      • Environmental Issues
      • Environmental Policy
      • Environmental Products & Services
      • Green Technology
      • Natural Disasters
      • View All Environ­ment

      • Heavy Industry & Manufacturing

      • Aerospace & Defense
      • Agriculture
      • Chemical
      • Construction & Building
      • General Manufacturing
      • HVAC (Heating, Ventilation and Air-Conditioning)
      • Machinery
      • Machine Tools, Metalworking and Metallurgy
      • Mining
      • Mining & Metals
      • Paper, Forest Products & Containers
      • Precious Metals
      • Textiles
      • Tobacco
      • View All Heavy Industry & Manufacturing

      • Telecomm­unications

      • Carriers and Services
      • Mobile Entertainment
      • Networks
      • Peripherals
      • Telecommunications Equipment
      • Telecommunications Industry
      • VoIP (Voice over Internet Protocol)
      • Wireless Communications
      • View All Telecomm­unications

  • Lifestyle & Health
      • Consumer Products & Retail

      • Animals & Pets
      • Beers, Wines and Spirits
      • Beverages
      • Bridal Services
      • Cannabis
      • Cosmetics and Personal Care
      • Fashion
      • Food & Beverages
      • Furniture and Furnishings
      • Home Improvement
      • Household, Consumer & Cosmetics
      • Household Products
      • Jewelry
      • Non-Alcoholic Beverages
      • Office Products
      • Organic Food
      • Product Recalls
      • Restaurants
      • Retail
      • Supermarkets
      • Toys
      • View All Consumer Products & Retail

      • Entertain­ment & Media

      • Advertising
      • Art
      • Books
      • Entertainment
      • Film and Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • View All Entertain­ment & Media

      • Health

      • Biometrics
      • Biotechnology
      • Clinical Trials & Medical Discoveries
      • Dentistry
      • FDA Approval
      • Fitness/Wellness
      • Health Care & Hospitals
      • Health Insurance
      • Infection Control
      • International Medical Approval
      • Medical Equipment
      • Medical Pharmaceuticals
      • Mental Health
      • Pharmaceuticals
      • Supplementary Medicine
      • View All Health

      • Sports

      • General Sports
      • Outdoors, Camping & Hiking
      • Sporting Events
      • Sports Equipment & Accessories
      • View All Sports

      • Travel

      • Amusement Parks and Tourist Attractions
      • Gambling & Casinos
      • Hotels and Resorts
      • Leisure & Tourism
      • Outdoors, Camping & Hiking
      • Passenger Aviation
      • Travel Industry
      • View All Travel

  • Policy & Public Interest
      • Policy & Public Interest

      • Advocacy Group Opinion
      • Animal Welfare
      • Congressional & Presidential Campaigns
      • Corporate Social Responsibility
      • Domestic Policy
      • Economic News, Trends, Analysis
      • Education
      • Environmental
      • European Government
      • FDA Approval
      • Federal and State Legislation
      • Federal Executive Branch & Agency
      • Foreign Policy & International Affairs
      • Homeland Security
      • Labor & Union
      • Legal Issues
      • Natural Disasters
      • Not For Profit
      • Patent Law
      • Public Safety
      • Trade Policy
      • U.S. State Policy
      • View All Policy & Public Interest

  • People & Culture
      • People & Culture

      • Aboriginal, First Nations & Native American
      • African American
      • Asian American
      • Children
      • Diversity, Equity & Inclusion
      • Hispanic
      • Lesbian, Gay & Bisexual
      • Men's Interest
      • People with Disabilities
      • Religion
      • Senior Citizens
      • Veterans
      • Women
      • View All People & Culture

  • Hamburger menu
  • Cision PRWeb provides efficient communication tools to continuously engage with target audiences across multiple online channels
  • Create a Free Account
    • ALL CONTACT INFO
    • Contact Us


      11AM ET Sunday – 8PM ET Friday

  • Send a Release
  • Sign up
  • Log in
  • Resources
  • RSS
  • GDPR
  • News in Focus
    • Browse All News
    • Multimedia Gallery
  • Business & Money
    • Auto & Transportation
    • Business Technology
    • Entertain­ment & Media
    • Financial Services & Investing
    • General Business
  • Science & Tech
    • Consumer Technology
    • Energy & Natural Resources
    • Environ­ment
    • Heavy Industry & Manufacturing
    • Telecomm­unications
  • Lifestyle & Health
    • Consumer Products & Retail
    • Entertain­ment & Media
    • Health
    • Sports
    • Travel
  • Policy & Public Interest
  • People & Culture
    • People & Culture
  • Send a Release
  • Sign up
  • Log in
  • Resources
  • RSS
  • GDPR
  • Send a Release
  • Sign up
  • Log in
  • Resources
  • RSS
  • GDPR
  • Send a Release
  • Sign up
  • Log in
  • Resources
  • RSS
  • GDPR

Spear Phishers Can Wreak Havoc on Any Business at Any Time – Survival is All About Awareness and Response
  • USA - English


News provided by

Global Digital Forensics

Jul 15, 2013, 04:30 ET

Share this article

Share toX

Share this article

Share toX

Don't give spear phishers the combination to your treasures
Don't give spear phishers the combination to your treasures

get the entire organization on the same page, from what to look for and how to spot these types of threats, to what to do if a malicious threat is found

Post this

New York, NY (PRWEB) July 15, 2013 -- McAfee released a report last week called Dissecting Operation Troy: Cyberespionage in South Korea, and it reads like a new-age Bond movie script. It’s filled with sneaky espionage, strategic diversions, tantalizing tidbits of clues, and of course, destruction and mayhem. But in this story there are no explosions, blood or missing limbs, at least not directly. It’s a story about digital information being compromised, but in a setting which includes military information, the aforementioned chaos is certainly not completely off the table of possible consequences. The method of entry to get the whole snowball rolling was a tactic that threatens businesses everywhere on a daily basis, spear phishing. What is spear phishing? What to look for? What can be done? Global Digital Forensics founder and CEO/CTO, Joe Caruso, shares some answers.

So what’s the difference between phishing and spear phishing?

“We’ve all seen those emails made to look like they are from reputable, well-known companies like Paypal or eBay, with links to follow, or an attachment to open in order to receive a special service, or to rectify a problematic issue with your account. These are sent in blast spam campaigns to millions of email addresses. They are the normally the easiest ones to spot because they often use poor English or contain odd mistakes, and on closer inspection the name of the sender is normally just a bit off, like @paypal.e.com instead of @paypal.com. Another thing to watch for is the links contained in the message. By rolling the mouse pointer over the link, without clicking it, the address the link would be sending you to can be displayed. If the text says one thing and the destination link says another or is unfamiliar, do not follow it. This kind of scheme is based on pure numbers and massive volume. Getting just a few users out of the millions receiving the email to bite on the bait is all the phishers need to make it a successful phishing trip.”

“But spear phishing is a very different beast. Spear phishing emails can be extremely personalized, and depending on the skill level, resources and diligence employed by the attacker, they can be both very convincing and quite difficult to identify as a malicious threat. Spear phishers will make their bait emails look like they come from someone familiar and trusted, like friends, family, or even from someone within your own organization. Spear phishers will do research, they will glean personal information from social networking sites, company websites, online user profiles, or even personal information they may have gathered from other systems and networks they have compromised in the past, and use it against you. They will also apply advanced tactics like spoofed headers, basically changing the From address to match up to the identity of the person or organization they are pretending to be. So when Sally from your own human resources department, conveniently obtained from the business’s online directory with her valid email address and other details, sends you a letter with a note about something you need to review regarding your insurance benefits, you may very well open the attachment, and bang… your “hooked.” Or you get an email from the Sapphire Waters Beach Hotel, where you just vacationed and have been raving about on a social networking site, telling you an item was left at the hotel, please see the attached description and form to fill out to have the item returned. Well, you were just there, of course this may be true. Say hello to a malicious payload that can lead to the compromise of your entire network. From the CEO to the fresh new intern, everyone is vulnerable and could be all the foothold attackers need to see whatever agenda they have through to fruition. So don’t be afraid to pick up an actual telephone and confirm an unexpected email, and if it turns out to be a hoax, report it immediately to whoever is tasked with the organization’s cyber security.”

Combating the threat revolves around testing, awareness and response.

“The social engineering aspect of cyber intrusions, which is where spear phishing would fall, is something we focus on heavily when we are called in to do cyber threat assessments and comprehensive penetration testing for clients, which range from very small businesses to well-known financial institutions. The scale and scope of the tradecraft we will employ is discussed and agreed upon in advance and then we go to work. Nothing we do will be destructive, but it will definitely be enlightening. We’ll do the same things real-world attackers would do. We’ll use publicly available information and anything else we can get our hands on, online, by telephone, or even in person, and craft a spear phishing campaign. We’ll do everything from creating full blown dummy websites, to spoofing an individual or department within the organization itself. And so far, we’ve never failed to get a foot in the door. When we divulge our findings in our detailed report, it’s got a shock and awe factor that really sinks in deep. It has the powerful, double-barrel effect of exposing weak links in the organization’s cyber security posture, as well as serving as an excellent springboard to raise internal cyber-threat awareness significantly. From there we’ll tailor a remediation plan with the client. If the client chooses, we can even hold awareness seminars to get the entire organization on the same page, from what to look for and how to spot these types of threats, to what to do if a malicious threat is found. And of course we can also satisfy any cyber emergency incident response needs a client may have with our team of experienced cyber responders, strategically positioned across the country and the worldwide and available any time of the day or night, just in case Aunt Betty’s secret family recipe proved just to irresistible not to open.”

Don’t wait.

Every organization’s needs, desires and digital infrastructure are unique. But having veteran cyber security experts like the experienced team at Global Digital Forensics come in to professionally tailor a testing and response plan specifically geared to the individual client, can go a long way to not only preventing the initial gateway intruders can use to wreak havoc, but also substantially lessen the aftermath should an attack or intrusion still manage to occur. There is no such thing as absolutely perfect protection, but the odds and/or aftermath can be greatly affected with the right plan in place.

*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, electronic discovery (eDiscovery), cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit http://www.evestigate.com.

Aris Demos, Global Digital Forensics, http://www.evestigate.com, 800-868-8189, [email protected]

Modal title

Contact PRWeb

  • 11AM ET Sunday – 8PM ET Friday
  • Contact Us

About PRWeb

  • About PRWeb
  • Partners
  • Partnership Programs
  • Editorial Guidelines
  • Resources

Why PRWeb

  • Why PRWeb
  • How It Works
  • Who Uses It
  • Pricing

Accounts

  • Create a Free Account
  • Log in
  • Contact Us

Do not sell or share my personal information:

  • Submit via [email protected] 
  • Call Privacy toll-free: 877-297-8921

Contact Cision

Products

About

My Services
  • All News Releases
  • Online Member Center
  • ProfNet
Cision Distribution Helpline
888-776-0942
  • Legal
  • Site Map
  • RSS
  • Cookie Settings
Copyright © 2025 Cision US Inc.