Spearphishing – no one is safe, not even Antivirus companies

Spearphishing attempts being targeted at the top management of companies in order to get data and access internal information and tools is nothing new. As with most dangers it probably seems to be “far out there” – you are after all not a target, right? That’s what a lot of people believe, but the danger is real. Just recently for example the management at Avira was a target which demonstrates that even top managers of a security firm need to exercise caution with their email inboxes.

Spearphishing is a more precise variant of phishing. Instead of the shotgun, generalist approach of hitting everyone with threats or spam sweepstakes offerings, spearphishing comes to you as an individual – and sometimes even comes via the name of a known person whose account has been previously hacked. While a customized spearphishing email is more work for the cyber-criminals to create, the odds are much higher that the potential victim will take the lure. And, getting the needed names and details for a convincing phish is easier than ever, thanks to the huge data breaches of personal information and emails available in the dark web.

Unlike the usual Ebay or invoice announcements, these latest attempts hitting Avira ask for the recipients help to solve some issues with undelivered emails. It’s a perfectly reasonable request – but it also is completely bogus. They go to show that people – even if they are not an Avira manager – need to be cautious over any attempt to get them to enter passwords or credentials into a popup or webpage.

Let’s get serious about this

The best defense against spearphishing is not technical – it’s you. And, you are also the last line of defense as many phishing attempts have already been filtered out by your network’s spam filters. It is up to you to visually inspect emails for signs of bogusness.

The prime way to do this is by hovering your mouse courser over suspect links. This will help uncover deceptive URLs with names that are similar – but not quite the same – as legitimate one.

Marian Schneider, an IT – Security Analyst at Avira, recently reminded staff of their need for cautious skepticism over incoming emails, laying out the following 6 questions everyone should answer before clicking on any link or email:

  • Do I know the sender?
  • Does the sender’s mail address look serious?
  • Is the sender’s mail address written correctly?
  • Did I ask for this mail?
  • Is there any reason for inserting my password into an unknown website?
  • Does the link to the website look serious?

As mentioned in Marian’s points – and in Google’s recent phishing test – only you can really stop spearphishing. It is up to you to put on your skeptic hat before clicking. The real-life warning to “look before you leap” still applies in the online era.

As a PR Consultant and journalist, Frink has covered IT security issues for a number of security software firms, as well as provided reviews and insight on the beer and automotive industries (but usually not at the same time). Otherwise, he’s known for making a great bowl of popcorn and extraordinary messes in a kitchen.