Most people are familiar with phishing as mass emails that try to encourage someone to do something, from downloading an attachment, to clicking through to a website, to completing a form. In all these cases, once a recipient does one of these things, malware is installed that compromises the security of the computer system or network. These types of threats are becoming more and more sophisticated as emails and websites are designed to look more and more like established and trusted brands. Here enters spear phishing.
Spear phishing is similar to phishing, but it usually targets a smaller group or a specific department in an organization and is more difficult to detect because it appears to come from a sender closely aligned with the recipient. Cybercriminals choose to launch a flurry of spear-phishing attacks because it’s the most successful form of acquiring confidential information. The impersonated page is virtually identical to the legitimate page and is hosted on a hijacked domain.
Thanks to AI, automation, and behavioral data, cybercriminals are now sending targeted spear phishing en masse.
SlashNext Threat Labs observed a flurry of spear-phishing attacks targeting companies at the forefront of Covid-19 vaccines and therapeutics development. More than 800 spear-phishing domains belonging to the same threat actors were launched over 60 days. In all cases, these attacks point to Office 365 log-in pages. These spear-phishing attacks are designed to appear trustworthy. They target specific individuals, in this case at companies that are working on Covid-19 vaccines or therapeutics, in an attempt to steal sensitive account credentials.
Example: Screenshot of fake Microsoft Office 365 page for AstraZeneca
Today, while man-in-the-middle (MiTM) attacks are still a big concern, the security endpoint has changed to the browser, creating a man-in-the-browser (MiTB) phishing threat that poses real danger.