While these attacks often involve some intelligence gathering on the part of the attacker, who needs to identify information such as the business legal name and address, the names of company officers and employees in accounts payable, the structure of company email addresses within the company, and so forth—this information can often be found from various public sources. Company websites and social media pages readily divulge this type of information, and searching Facebook, Twitter, and LinkedIn for employees social media accounts, especially those of executives, can help refine targeting.
The attackers may even send messages to sales, marketing, and public relations departments to get replies from which they can copy ...