Spear phishing

Spear phishing, as the name suggests, is a narrowly focused attack against our client target. This type of phishing is very specific and requires a lot of homework on our part to pull off as believable. Take this example, for instance; a company who gets updates from a vendor for its in-house software can be sent spoofed e-mails or technical support phone calls urging it to perform an "update" that in actuality is a virus installation. In this attack, we, the attackers, never see, or digitally (or physically) even touch the (now compromised) target system. This type of attack is extremely successful and has been proven in the past to be so by the compromise of many large-scale corporations and even information security firms by ...

Get Penetration Testing with Perl now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.