Spear phishing is an email-based cyber security attack on a specific individual intended to extract valued information. Unlike broader phishing attempts that blanket many users in hopes of snagging one or two, spear phishing is a precise and targeted attack on a single person that aims to persuade them to perform an action harmful to their business, organization, or government agency.
One common spear phishing approach is for a cybercriminal to email one or a few corporate employees requesting that they carry out a specific high-value transaction.
In many cases, the email carries the spoofed identity of an executive in the visible ‘From’ field of the email header. In other instances, the email may appear to come from a trusted partner of the individual’s employer.
For example, a vice president of cash management at a banking company receives an email appearing to come from the CEO that requests an urgent wire transfer. Unaware that the email is not legitimate, the employee sends the funds to an address that actually belongs to a cybercriminal.
Why it matters
With no reliable way for employees to tell that the email is from a cybercriminal, they may be fooled into following the instructions it contains. That can greatly harm the company and lead to the theft of:
- Access — passwords for future malicious activity
- Information — valued data such as PII or W-2s to be used for identity theft
- Money — funds belonging to the target entity
However, such attacks can be blocked by companies that adopt the DMARC email authentication standard and move it to full enforcement. Receivers that honor the policy discard messages that claim your domain in the ‘From’ field but fail authentication, which stops fraudulent email sent in your name with 100 percent effectiveness. DMARC at enforcement protects both inbound email targets, such as employees and executives, and outbound email recipients, including customers and partners, thus safeguarding the company brand.
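To make the enforcement step concrete, here is an added example (not code from the original page) that applies a DMARC record's policy and RFC 7489 identifier alignment to the article's CEO-spoof scenario. The domain names, the DMARC record and the SPF/DKIM results are constructed for illustration; a real receiver would fetch the record from DNS and use the Public Suffix List for organizational domains.

```python
def parse_dmarc(txt):
    """Parse a DMARC TXT record ('v=DMARC1; p=reject; ...') into a tag dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            tags[key.strip().lower()] = val.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        return None                      # malformed record: no policy applies
    tags.setdefault("adkim", "r")        # alignment modes default to relaxed
    tags.setdefault("aspf", "r")
    return tags

def org_domain(domain):
    # Simplification: the last two labels stand in for the organizational
    # domain (production receivers consult the Public Suffix List instead).
    return ".".join(domain.lower().split(".")[-2:])

def aligned(from_domain, auth_domain, mode):
    """Strict alignment needs an exact match; relaxed needs the same org domain."""
    if not auth_domain:
        return False
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

def dmarc_disposition(record, from_domain, spf_domain, spf_pass, dkim_domain, dkim_pass):
    """Return 'pass', or the policy to apply (none/quarantine/reject).
    record is the TXT published at _dmarc.<From domain>, or None if absent."""
    policy = parse_dmarc(record) if record else None
    if policy is None:
        return "none"                    # nothing published: receivers do nothing
    spf_ok = spf_pass and aligned(from_domain, spf_domain, policy["aspf"])
    dkim_ok = dkim_pass and aligned(from_domain, dkim_domain, policy["adkim"])
    return "pass" if (spf_ok or dkim_ok) else policy["p"]

# Constructed record for the bank in the article's example (bank.example is fictitious).
BANK_RECORD = "v=DMARC1; p=reject; adkim=s; aspf=s; rua=mailto:dmarc@bank.example"

def spoofed_ceo():
    """Visible From claims bank.example, but the mail left attacker infrastructure
    whose own SPF passes; nothing aligns with bank.example, so the policy applies."""
    return dmarc_disposition(BANK_RECORD, "bank.example",
                             "mail.attacker.example", True, None, False)

def genuine_ceo():
    """Mail really sent by the bank: SPF and DKIM both align, so it passes."""
    return dmarc_disposition(BANK_RECORD, "bank.example",
                             "bank.example", True, "bank.example", True)

def lookalike_domain():
    """A separately registered look-alike domain with no DMARC record is outside
    the bank's policy; DMARC only covers mail claiming the bank's own domain."""
    return dmarc_disposition(None, "bank-example.com", "bank-example.com", True, None, False)
```

The last case is the practical limit of the standard: DMARC at enforcement stops exact-domain spoofing, so look-alike domains and display-name tricks still need user training and inbound filtering.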