IT security analysts have reported a new wave of ‘Spear Phishing’ attacks on businesses, using the recent terror attacks to dupe victims out of substantial amounts of money.
If you are not familiar with the term Spear Phishing, it is not a poorly spelled sporting pastime but more a method used by internet criminals to trick computer users into disclosing information or paying bogus bank accounts. A typical attack will usually target specific members of staff, such as your accounts payable, with emails pretending to be from suppliers or other staff in your organisation authorising payments or disclosure of information.
The communication is highly convincing and is usually preceded by the criminals researching your organisation to ensure they can refer to the colleagues and managers of the subject of the attack by name.
The latest wave of attacks involve emails being sent allegedly from security organisations with tips on how to stay safe. They have some attachments one of which will install software on the PC designed to harvest confidential information. They also directly refer to staff in the business being targeted.
So far there have been no reports of the attacks occurring in the UK however we advise our clients to be vigilant, not to open any suspicious emails and to report them to our Service Desk Team.