Managed services providers (MSPs) are tasked with defending businesses from the many potential cybersecurity attacks that could be leveraged against them, from ransomware to distributed denial of service (DDoS) attacks. But of the various types of attacks that bad actors employ today, phishing is arguably the most dangerous. According to recent statistics from VPN Insights, phishing emails open the door for 91% of all cybercrimes. The average user receives 16 phishing emails a month, and 42% of spear phishing targets are successfully tricked into opening malicious email attachments.
So what exactly is spear phishing? How can MSPs recognize spear phishing attacks before it’s too late? With such alarming numbers, it’s clear that security experts have a duty to better educate their customers about spear phishing to protect them from falling victim. Here are some commonly asked questions about spear phishing you can discuss with your customers to raise awareness in 2020.
What is spear phishing?
The term “spear phishing” refers to any email or electronic communications scam designed to get a particular user, organization, or business to reveal sensitive information. In most cases, the bad actor disguises their attack as a legitimate message from a trusted website or person. Once the spear phishing target clicks on a malicious link or complies with the attacker’s request to send confidential data online, their information can be lifted and used for various purposes.
Sometimes the primary objective of a spear phishing attack is not to steal information, but to create an opportunity for other kinds of cybersecurity attacks to flourish. For instance, the link a target clicks on could install malware on their network or serve as the first phase of a DDoS attack. Either way, spear phishing attacks are becoming increasingly sophisticated and hard to detect, making them more dangerous than ever.
Is spear phishing more widespread than phishing?
Relevant research hasn’t shown that spear phishing is any more common than standard phishing, but there are important differences between the two types of attacks. Phishing attacks, much like their namesake, are generalized attacks that cast a wide net and hope someone will bite. Spear-phishing attacks, on the other hand, are personalized attacks that target particular individuals, organizations, or businesses. These attacks are disguised to look like they originate from someone trusted by the target and are becoming more prevalent due to their success in getting the target to lower their guard.
This does not mean, however, that spear phishing attacks are more widespread in the numerical sense. If anything, people simply perceive spear phishing to be more widespread because they are successful a higher percentage of the time.
Is spear phishing a social engineering attack?
Yes, spear phishing is a type of social engineering attack. Social engineering attacks manipulate people into compliance by preying on human nature. Social engineering attacks typically rely on two factors—trust and inattentiveness.
Cybercriminals know people are more likely to respond to messages from people or organizations they know and trust, even if they seem a little off upon further inspection. For example, if you’ve recently ordered a sweater online and you see an email that appears to be from that company, most people are naturally inclined to trust it. What’s more, your average busy employee doesn’t scrutinize their emails for phishing attempts at all times. MSPs and their employees have to constantly be vigilant, but a bad actor only has to get lucky once.
Unfortunately, preying on human nature pays off for a lot of cybercriminals. A CyberEdge report found that social engineering attacks were successful 79% of the time.
How can I identify spear phishing?
Cyberattackers grow smarter with each coming year, which means MSPs need to be just as smart—if not smarter—in 2020. The best way to identify and stop spear phishing attacks is to go on the offensive. Study up on spear phishing and the possible scenarios you or your customers might encounter. Educate yourself, your employees, and your customers on the types of social engineering techniques that bad actors use. Be sure every end user knows how to differentiate a legitimate email request from a fraudulent one.
If you can memorize the verbal and visual hallmarks of spear phishing communications, you increase your chances of detecting an attack before it affects your company or your customers. Not all phishing emails are the same, but alarm bells should sound if you see an email that:
- Features grammatical errors throughout
- Demands you act quickly to stop something from happening to your account
- Has nonstandard URLs
- Has nonstandard company graphics or originates from a non-standard company email address
To see if a link is legitimate, hover over it to see if the hover link matches the web address it’s supposed to link to. If not, it’s a scam.
An easy way to keep everyone in your company up-to-date on threats and best practices is to enforce routine cybersecurity awareness training sessions. Studies have shown that regular security awareness training can reduce the risk of falling victim to socially engineered cyberthreats by 70%. To see results, MSPs should have training sessions at least once a year—but once every quarter is even better.
Beyond that, there are numerous technologies and IT best practices that managed services providers can lean on to help them stand up against spear phishing threats. Two-factor authentication (2FA) is a great way to keep an eye on who’s logging into confidential accounts. If you get an alert that someone is trying to log in, but the account owner confirms it wasn’t them, you’ll know a spear phisher might be trying to gain access with information they’ve acquired. Cloud-based email filtering and inbound email filtering automatically block known malicious domains, so you can stop spear campaigns before they even get to your inbox.
SolarWinds® Mail Assure is an excellent security tool for ramping up your email threat-prevention protocols. Mail Assure leverages high-quality threat intelligence and advanced machine learning to keep your customers safe. The Intelligent Protection & Email Filtering Engine has a near 100% accuracy rate, and cross-references incoming email, leveraging input from over 23 million mailboxes under management. Microsoft Office 365 is susceptible to email threats—but Mail Assure integrates right in, making it easier for MSPs to protect their customers from multiple angles.
For more information about spear phishing, read through our related articles.