Phishing and spear phishing are very common forms of email attack designed to you into performing a specific action—typically clicking on a malicious link or attachment. The difference between them is primarily a matter of targeting.
- Phishing emails are sent to very large numbers of recipients, more or less at random, with the expectation that only a small percentage will respond. An apparently official email from, say, a well-known delivery company might arrive, saying that “Your package has been delayed, click here for details.” Click the link and malware might be downloaded onto your device, or you might go to a fake website where you’re asked to enter your name, address, and social-security number. That information would then be sold on the black market or used for fraud or identity theft.
- Spear phishing emails are carefully designed to get a single recipient to respond. Criminals select an individual target within an organization, using social media and other public information—and craft a fake email tailored for that person. For example, share online that you will be traveling to Chicago soon, and you might get an email from a colleague (apparently), saying “Hey, while you’re in Chicago you’ve got to eat at Joe’s Grill, check out their menu.” Click the link, and while you’re studying the menu, malware is inserted into your computer. Another version might apparently come from your CEO, who’s travelling abroad and says his phone and wallet and briefcase have been stolen, can you wire five thousand dollars to this number right away?
It’s important to train users to spot potential spear-phishing emails and delete them. To err on the side of caution and confirm the authenticity of any unexpected email by contacting the apparent sender.
But the truth is that even a well-trained, observant user will have moments of distraction, and as social media use explodes, it becomes ever easier to craft a highly convincing spear-phishing email. It’s critical to complement user training with technical solutions that prevent phishing and spear-phishing emails from ever arriving in your users’ inboxes.
Barracuda Sentinel is a cloud-hosted service that uses artificial intelligence for real-time spear-phishing and cyber fraud defense. It connects directly to Office 365, so it works alongside any email security solution with no impact on network performance or user experience.
Barracuda Essentials scans your email traffic to block malicious attachments and URLs, including those in phishing and spear-phishing emails. It also uses advanced analysis to spot typo-squatting, link protection, and other signs of phishing.
Barracuda Advanced Threat Protection is a cloud-hosted service available as an add-on subscription for multiple Barracuda security products and services (a 90-day subscription is included with Barracuda Essentials). It uses signature matching, heuristic and behavioral analysis, and static code analysis to pre-filter traffic and identify the vast majority of threats. Finally, it feeds remaining suspicious files to a CPU-emulation sandbox to definitively identify zero-day threats and block them from reaching your network. This means that it can block phishing and spear-phishing emails carrying zero-day payloads that other techniques might miss.