Skip to Main Content
Fighting Phishing
book

Fighting Phishing

by Roger A. Grimes
February 2024
Intermediate to advanced content levelIntermediate to advanced
448 pages
9h 22m
English
Wiley
Content preview from Fighting Phishing

CHAPTER 14Fighting Spear Phishing

Spear phishing is one of the top cybersecurity threats if not the top cybersecurity threat. Chapter 14 is going to cover different types of spear phishing and discuss how to specifically defend against it.

Background

Social engineering is involved in 70% to 90% of successful compromises. It is the number one way that hackers and malware successfully attack devices and networks. No other initial cyberattack root cause comes close (exploiting unpatched software and firmware are a distant second, being involved in about 20% to 40% of attacks).

A particular type of social engineering is responsible for more successful compromises than any other type of attack: spear phishing. As previously covered in Chapter 2, “Phishing Terminology and Examples,” spear phishing is defined as focused, targeted phishing that attempts to exploit a specific person, position, team, organization, or group, often leveraging previously learned information related to the target. Spear phishers often use the information they find on publicly available websites, on social media, or private websites or use confidential information they have previously learned from using other exploits. General phishing rarely has or uses confidential information on the intended targeted victims, whereas, spearphishing often does.

In May 2023, Barracuda Networks released a report (https://assets.barracuda.com/assets/docs/dms/2023-spear-phishing-trends.pdf) revealing a lot of relevant statistics ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Cybersecurity – Attack and Defense Strategies - Second Edition

Cybersecurity – Attack and Defense Strategies - Second Edition

Yuri Diogenes, Dr. Erdal Ozkaya
Critical Infrastructure Security

Critical Infrastructure Security

Soledad Antelada Toledano

Publisher Resources

ISBN: 9781394249206Purchase Link