ICT Insight | Darwin Blog - https://www.itblog.com.au
By Michael Feldbauer
Published on 24/01/2018

It is amazing to see the terms that are defined for different types of attack as below.

A more targeted form of phishing is known as ‘spear-phishing’. Rather than emailing many people at once, these emails are more targeted and are usually only sent to one person, and made to look like it’s from someone you know, and that the topic is relevant to you.

Spear-phishing is used to target employees by impersonating senior executives asking for funds transfers. This is also known as ‘wire fraud’.

They usually ask the target to make a wire funds transfer for them- or confidential information (eg tax details). By making the email appear to come from a very senior person, they are hoping you’ll action it quickly without verifying the request.

In recent weeks through our Helpdesk we have seen a huge increase in very personalised emails for smaller amounts of money targeting small companies. 

Many businesses have lost large amounts of money due to spear-phishing- eg Irish airline, Ryanair, lost $5 million to this type of scam.

Raising awareness of these scam emails with employees (especially Personal Assistants or payment authorisers) is important to reduce this risk. If you receive a request like this, simply call the person (on a known number) to confirm they requested the transfer.

Spear Phishing Example