Spear Phishing – Part 3

Originally posted on https://www.bestructured.com/spear-phishing-part-3/

As we have reviewed, Spear Phishing, is quite different than the normal Phishing attack.  In these cases, the Cyber attacker just merely launches an all-out attack, in the hopes of being able to harvest sensitive information and data.  In these cases, typically, a hijacked e-mail address book (or even many of them) is what used to launch the attack.  But with the Spear Phishing attack, the victim(s) is (are) specifically targeted.

For example, the Cyber attacker will take great lengths and even a good amount of time into researching the background information of their intended victims.  Below are some examples Spear Phishing attacks, and the devastation that it has caused in its wake:

1)     Ubiquiti Networks:  Total loss of $46.7 Million to scammers

This attack actually occurred on June 5th, 2017.  The company was hit by a Spear Phishing attack with a disastrous financial toll.  They were able to reclaim roughly $45 million of the stolen funds, and it was determined that this attack was the direct result of “employee impersonation and fraudulent requests from an outside entity targeting the Company’s finance department.”  (SOURCE:  https://blog.barracuda.com/2017/08/25/four-big-spear-phishing-attacks-you-may-have-forgotten/).  Further details can be seen here.

2)     FACC:  Total loss of $55 Million to scammers

FACC manufactures the interior engine components for the major aircraft manufacturers that include Boeing and Airbus.  They were hit with a Spear Phishing attack on January 19, 2016.  The company lost 17% of its total stock value, and the CEO was immediately fired as a result.  Outside attackers were the culprit in this incident.  More details of it can be seen here.

3)     The Crelan Bank:  Total loss of $75.8 Million

Also, on January 2016, this major financial institution located in the Netherlands fell victim to a Spear Phishing attack.  The bank claimed that it has taken further steps to protect their customers, their information, and their data.  More details of this attack can be seen here.

4)     Facebook and Google:  Total loss of $100 Million

Although no specific details have been revealed it is believed that these two major tech companies were hit with a Spear Phishing attack as well on March 21,2017.  Additional details can be seen here.

1. Now the question is, how does an organization prevent it from happening?  Here are some tips:
2. Always install the latest Security patches and software updates to your servers, workstations, and wireless devices.
3. Always employ encryption to protect corporate information and data, especially when sending it to another recipient.
4. Make use of DMARC (Domain-based Message Authentication, Reporting & Conformance), Sender Policy Framework (SPF), & DomainKeys Identified Mail (DKIM) technologies.  They compare address of the incoming E-Mail message to what is stored in your data base.  If the two do not match up, then the E-Mail message is automatically rejected and never makes into the corporate E-Mail Server(s).
5. Deploy Two Factor Authentication (2FA) whenever and wherever possible.
6. Keep your employees on their toes with Security awareness training workshops and also test their knowledge. With the latter, you can send out a phony E-Mail to your employees to see if they will fall for it.
7. Always confirm any suspicious E-Mail with the sender.  If they didn’t send it, then immediately delete it!!!