How to Dodge a Spear Phishing Attack
You can’t swing a dead cat without hitting a company that’s been linked to a phishing attack. Organizations such as RSA, Epsilon and the U.S. Department of Energy are just a few that have publicly held up their hands to falling victim to an attack.
And it will get worse. Gartner recently stated in its 2012 Magic Quadrant for Secure Email Gateways (SEG) report that "Phishing attacks continue to oscillate, while more targeted phishing attacks increase.” Why are spear phishing attacks increasing and what can organizations do to prevent falling victim?
What Can Be Done?
Spear phishing attacks are performed by humans, against humans. For that reason, while software solutions exist, relying on technology alone is not enough. Instead, you need to employ a holistic approach – anti virus and filters that will remove more basic, generic attacks, combined with education that helps end users become sensitive to warning signs and understand the correct process they need to report suspicious emails.