CLICK THINKING TM SPEAR PHISHING—BY THE NUMBERS WOW! · 2020-04-23 · football updates? animal...
1
• M A C R O - I N F O G R A P H I C • CLICK THINKING Quick insights for protecng yourself and your company from online threats P TM ATTACKER GATHERS INFO ON TARGET ATTACKER FAKES VERY SPECIFIC EMAIL USING INFO GATHERED COLLEGE PROFESSIONAL NETWORKS SOCIAL POSTS COMPANY REPORTS REVIEWS FACT Most of this informaon can be found online in a maer of minutes 95% OF ALL CYBERATTACKS BEGIN WITH A SPEAR PHISHING ATTEMPT [email protected] Dear Andy, Soon your son will be walking the same halls as you did when you were a student here just a short me ago. How proud you must be! While things have changed since then, our commitment to excellence remains strong. By clicking here, you’ll find a list of acvies the two [email protected] Hi Brianna, First, I’d like to apologize on behalf of all of us at Chez Voulez for the experience that prompted you to write a bad review on Yelp! We are truly sorry that your reservaon was lost, and that your dinner party was seated inside the restaurant instead of on the pao as you requested. Please let us make it up to you. The link below will take you to our giſt card fulfillment center where [email protected] Rick, Need your help execung on the Matrux Materials contract. Please see notes: • Black line review (I’ll handle with Dillmann & Assoc.) • Authorize 1st installment payment (YOU) We have unl 5 p.m. EST to finalize, so make this a priority. I’ll circle CW shana@customerprofile.com Carey, Just dropping you a quick note to let you know that we need your payment method preference before you can shop online with us. Please click here to securely provide this informaon, or call (555) 555-5555 to share it securely with a profile specialist. Thank you for your cooperaon and swiſt aenon to this maer. We look forward to compleng your file and serving you as a valued 1 2 W H A T A R E Y O U R S ? Aackers use EMOTIONAL HOOKS that get you to respond. ALUMNI SPEAR PHISH REVIEW SPEAR PHISH $ WIRE SPEAR PHISH REQUEST SPEAR PHISH 3 ATTACKER SENDS EMAIL TO TARGET WOW! My alma mater really cares! Finally, some satisfaction. Anything to help out Casey! How did I not do this? I’ll do it now! JO Would you fall for one of these? You may not think so, but no one is immune. Aackers do their homework to find an approach you’ll respond to. Whether it’s nostalgia, recognion, a desire to help or something else, they’ll find it and use it against you. fantasy football updates? animal shelter appeals? polics? celebrity gossip? There is digital evidence about everyone online that can provide the basis of a spear phish. They use trivial informaon you post online to create spear phishing emails that appear very real. Spear phishing emails are personal, targeted and oſten impersonate senders you know and trust. SPEAR PHISHING—BY THE NUMBERS THIS IS HOW WE DO IT! © 2017 PHISHLINE, LLC, ALL RIGHTS RESERVED.
Transcript of CLICK THINKING TM SPEAR PHISHING—BY THE NUMBERS WOW! · 2020-04-23 · football updates? animal...
• M A C R O - I N F O G R A P H I C •
CLICK T H I N K I N GQuick insights for protecting yourself and
your company from online threats
P
TM
ATTACKER GATHERS INFO
ON TARGET
ATTACKER FAKES VERY SPECIFIC EMAIL
USING INFO GATHERED
COLLEGE
PROFESSIONAL NETWORKS
SOCIAL POSTS
COMPANY REPORTS
REVIEWS
FACT
Mostof thisinformationcan be foundonline in amatter ofminutes
95%OF ALL
CYBERATTACKSBEGIN WITH A
SPEAR PHISHINGATTEMPT
Dear Andy,
Soon your son will be walking the same halls as you did when you were a student here just a short time ago. How proud you must be! While things have changed since then, our commitment to excellence remains strong. By clicking here, you’ll find a list of activities the two
Hi Brianna,
First, I’d like to apologize on behalf of all of us at Chez Voulez for the experience that prompted you to write a bad review on Yelp! We are truly sorry that your reservation was lost, and that your dinner party was seated inside the restaurant instead of on the patio as you requested. Please let us make it up to you.
The link below will take you to our gift card fulfillment center where
Rick,
Need your help executing on the Matrux Materials contract. Please see notes: • Black line review (I’ll handle with Dillmann & Assoc.) • Authorize 1st installment payment (YOU) We have until 5 p.m. EST to finalize, so make this a priority. I’ll circle
CW
Carey,
Just dropping you a quick note to let you know that we need your payment method preference before you can shop online with us.
Please click here to securely provide this information, or call (555) 555-5555 to share it securely with a profile specialist.
Thank you for your cooperation and swift attention to this matter. We look forward to completing your file and serving you as a valued
1
2
W
H AT A R E Y O U RS?
Attackers use
EMOTIONAL HOOKS
that get you torespond.
ALU
MN
I SPEAR PH
ISH
REVIEW
SPEAR PH
ISH
$ WIRE SPEA
R PHISH
REQU
EST SPEAR PH
ISH
3
ATTACKER SENDS EMAIL
TO TARGET
WOW! My alma materreally cares!
Finally, some satisfaction.
Anything to help out Casey!
How did I not do this? I’ll do
it now!
JO
Would you fall for one of these? You may
not think so, but no one is immune.
Attackers do their homework to find an approach you’ll
respond to.
Whether it’s nostalgia, recognition, a
desire to help or something else, they’ll find it and use
it against you.
fantasyfootball updates?
animal shelter appeals?
politics?celebrity gossip?
There is digital evidence about everyone online that can provide the basis of a
spear phish.
They use trivial information you post online to create spear phishing emails that
appear very real.
Spear phishing emails are personal, targeted and often
impersonate senders you know and trust.
SPEAR PHISHING—BY THE NUMBERS
THIS IS HOWWE DO IT!
© 2017 PHISHLINE, LLC, ALL RIGHTS RESERVED.
