Prevent Spear Phishing Emails | PDSC Advice Guides

Spear Phishing is an attack aimed at a specific person, with cyber criminals seeking to manipulate a targeted victim into actioning a request via email, usually to click on a link or attachment or respond to an invoice.

The Spear Phishing email will be addressed to the recipient and might even contain a common reference, possibly garnered from social media or referring to other employees. Being targeted and with the email personalised, the request becomes much more plausible and likely to be actioned.

There are prevention methods you can use against Spear Phishing emails:

This image for Image Layouts addon

Implement anti-spoofing controls to stop your email addresses from being a resource for attackers (e.g. DMARC). An email is far more believable if a cyber criminal pretends to be from within the organisation itself.

This image for Image Layouts addon

Consider what information is available to attackers on your website and social media accounts.

Spear Phishing

Add a filter/ block system to stop incoming Spear Phishing emails.

This image for Image Layouts addon

Ensure that your software is always up to date.

This image for Image Layouts addon

Protect your accounts with 2 Factor Authentication (2FA).

Encourage your staff to:

Think before they click. If they do click they must not panic but report it internally to the line manager
Check the sender email address. Criminals make slight changes to a known address (e.g. change O to 0 or use/remove punctuation) to keep it authentic
Look for bad grammar and spelling mistakes
Hover over the link to reveal the true website path. There might be slight changes in characters and punctuation that could go unnoticed
Scammers will stress the urgency for action. Remind staff to not act on impulse, take a minute and investigate their emails further
Telephone and speak with the sender to verify the request, using a reputable number. This is the easiest way to verify an email’s integrity and will reduce any doubt in actioning the request
Check if the email meets usual correspondence formalities. If the email appears to be from a source you often contact but is formatted differently, it could mean the sender is not who it purports to be
Check for low quality versions of recognisable logos, as this indicates the sender is not part of the organisation
Check for images that contain a text box because they can contain malware or embed links to a fraudulent website
Spear Phishing