Spear Phishing Investigation

Spear phishing is “Highly targeted phishing aimed at specific individuals or groups within an organization especially corporates”. Spear phishing uses information about a target to make attacks more specific and “personal” to that target. Spear-phishing emails, for instance, may refer to their targets by their specific name, rank, designation or position instead of using generic titles as in normal phishing campaigns.

The availability of organizational information on the Internet allows attackers to gain relevant data on their chosen targets. In a typical spear-phishing attack, a specially crafted email is sent to specific individuals from a target organization. The recipients are convinced through clever and relevant social engineering tactics to either download a malicious file attachment or to click a link to a malware- or exploit-laden site. The file, often a vulnerability exploit, installs malware on the compromised computer.
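For an investigator, the traits described here (a message that addresses the recipient by name and carries a document attachment or a link) can be pulled out of a reported email in one pass. The following is an added example, not part of the original article: the function name `triage`, the sample message and its `example.*` addresses are constructed for illustration, and the extension list is the one this page gives.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Document types this page names as common spear-phishing attachments.
DOC_EXTS = {".xls", ".pdf", ".doc", ".docx", ".hwp"}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

# Constructed sample message (not real traffic); example.* domains are placeholders.
SAMPLE = """\
From: "HR Desk" <hr@example.net>
To: "Asha Rao" <asha.rao@example.com>
Subject: Revised appraisal sheet
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Dear Asha Rao, your revised appraisal is attached.
Details: http://portal.example.org/review?id=7
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="Appraisal_2024.XLS"
Content-Transfer-Encoding: base64

QUJD
--b1--
"""

def triage(raw):
    """Return the indicators an analyst checks first in a reported email."""
    msg = message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    name, _ = parseaddr(str(msg["To"]))          # recipient display name
    attachments = [p.get_filename() or "" for p in msg.iter_attachments()]
    return {
        # Attachments whose extension (case-insensitive) is a document type.
        "doc_attachments": [f for f in attachments
                            if "." in f and f[f.rfind("."):].lower() in DOC_EXTS],
        "urls": URL_RE.findall(text),            # links to review before any click
        # Personalisation: the body greets the recipient by their own name.
        "addressed_by_name": bool(name) and name.lower() in text.lower(),
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```

None of these indicators is conclusive on its own; they tell the analyst which attachment and which URL to examine in an isolated environment.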

Spear-phishing emails can have attachments of varying file types, i.e. the file types most commonly used and shared in organizations (e.g., .XLS, .PDF, .DOC, .DOCX, and .HWP). The malware then accesses a malicious command-and-control (C&C) server to await instructions from a remote user. At the same time, it usually drops a decoy document that will open when the malware or exploit runs to hide malicious


