What is spear phishing, you ask? Long story short, it’s a phishing technique that plays on the victim’s trust or, rather his gullibility. Spear phishing attacks are surgical, while general phishing attacks are more like “let’s cast this lure in the puddle and see what bites.” So, without further ado, let’s dig right into it. FYI: in this article, I’ll be covering the difference between spear and whale phishing and how to protect your company’s digital assets against them.
What is Spear Phishing?
Spear phishing can be defined as an email spoofing attack that targets very specific and very ‘employed’ individuals. As Aaron Ferguson, an NSA agent and West Point Professor, noted, spear phishing attacks are directed against an employee or an organization.
How Does Spear Phishing Work?
Spear phishing usually takes the guise of in-house emails, asking employees to fill in credential requests. Why would someone be willing to share his/her credentials via email? Well, think of it this way: how likely are you to nix an email from