The methods in which these attacks are initiated can be any of the following or in combination:
Phishing: Phishing emails are sent to large numbers of users simultaneously in an attempt to “fish” sensitive information by posing as reputable sources—often with legitimate-looking logos attached. Banks, credit card providers, delivery firms, law enforcement, and the IRS are a few of the common ones. A phishing campaign typically shoots out emails to huge numbers of users. Most of them are to people who don’t use that bank, for example, but by sheer weight of numbers, these emails arrive at a certain percentage of likely candidates.
Spear Phishing: This is a much more focused form of phishing. The cybercriminal has either studied up on the group or has gleaned data from social media sites to con users. The email generally goes to one person or a small group of people who use that bank or service. Some form of personalization is included – perhaps the person’s name, or the name of a client.
Executive “Whaling”: Here, the bad guys target top executives and administrators, typically to siphon off money from accounts or steal confidential data. Personalization and detailed knowledge of the executive and the business are the hallmarks of this type of fraud.
In our next blog we will cover Social Engineering and how the above techniques fall under the broader category of social engineering.
We are excited to launch our new website www.cloudplusservices.com we have a new look and hope you enjoy it and possibly share it with your fiends and partners.
Remember…Think Before You Click!
Tina Louise ~ www.cloudplusservices.com 888.871.6584