Spear-phishing attacks are up, and they are targeting individuals across all industries, according to a new warning issued by the U.S. Federal Bureau of Investigation.
And the uptick is at least partially linked to the increasing use of mobile devices for e-mail access and online browsing.
In its latest warning, the FBI's Internet Crime Complaint Center points out that incidents of spear phishing - targeted phishing attacks - are increasingly taking aim at employees with administrative rights and access to access critical systems.
This is a trend that the BankInfoSecurity confirms in preliminary results collected for its 2013 Faces of Fraud Survey. When asked how the number of phishing attacks aimed at employees had changed in the past 12 months, 45 percent of respondents note the attacks have increased.
In its release, the FBI points out that these attacks also are targeting consumers, by relying on personal information collected about these users from public posts on social media sites and blogs, as well as with data collected from other breaches, to make the fraudulent e-mails appear legitimate. They ultimately convince consumers to click links that take them to spoofed sites containing malware or to provide logins and passwords that allow the attackers to compromise online banking accounts, the FBI warns.
To protect your organization against these attacks provide high-quality security awareness training for all employees from the Board on down to the mail room.
Related Pages: Spear Phishing
