Georgia Tech correctly identified that the most challenging threat facing corporate networks today is “spear phishing.” “Spear phishing is the most popular way to get into a corporate network these days,” said Andrew Howard, a GTRI research scientist who heads up the organization’s malware unit. “Because the malware authors now have some information about the people they are sending these to, they are more likely to get a response. When they know something about you, they can dramatically increase their odds.”
Trying to stop spear phishing with software is not that simple. Dozens of antivirus companies have spam modules in their software and they all try to do this as well. The big problem is false positives; legit messages that are being blocked. The issue is that the attacker is human and the victim is human. Until we can create expert systems that are smart enough to for instance identify a scam which makes the target try to avoid a negative consequence, we should follow the Georgia Tech advice "users are the front line defense. We need every user to have a little paranoia about email." The best way to do that is have them step through:
Kevin Mitnick Security Awareness Training.
Related Pages: Spear Phishing