Following the news that cybersecurity firm Barracuda Networks has published a report on spear phishing which reveals that over 80% of attempts involve brand impersonation, Corin Imai, Senior Security Advisor at DomainTools commented below.
Corin Imai, Senior Security Advisor at DomainTools:
“Unfortunately, aside from investing in an efficient email filtering software, there is little that organisations and private individuals can do to keep phishing emails out of their inbox. Criminals have learnt that the best way to get victims to click on links or to disclose personal information is to elicit an emotional response, which is why they often choose to impersonate recognised and trusted brands that the receiver is likely to have a connection with. Additionally, when a language of urgency is used, people are instinctively brought to take action and are more prone to letting their guard down and respond to whatever call of action the email prompts. Recognising that this is how malicious actors operate is the starting point to counteract spear phishing campaigns. Organisations should aim to protect themselves by investing in awareness programmes that teach employees to recognise the markers of an attack and warn them against sharing personal information online.”