Spear phishing sounds like a sport, doesn’t it? Well for many cyber criminals, it is! And sadly, they much to gain when you lose. While phishing e-mails are sent in mass quantities with the anticipation that some will fall prey, spear-phishing e-mails target select individuals or groups. Odds are, the cybercriminal already knows something personal about you or your organization. They use this data to lure you into giving them private information or tempt you to click links in their e-mails that install malware onto your PC. Malware can hijack your computer resulting in your personal data (think bank account and social security numbers) being stolen. So, it could be time to hop on the identity theft protection train…
So how do cyber-criminals get these tidbits of information about you to send you enticing e-mails? Well, they probably don’t have to look too far thanks to social engineering. If you’re on Facebook or LinkedIn, they can find out who you work for, what you do there, and what your e-mail address is. Social engineering is by far one of the biggest threats to you and your organization. It’s increasingly more important to be cognizant of what we post about ourselves on our social media pages. And with that in mind, it may be time to edit some of our own entries…