Every year, so many people are strongly affected by online attacks like spear phishing and phishing emails. These have nuanced differences. However, a lot of people are unaware of these differences, making it difficult for people to differentiate one from the other. The threats may appear similar, yet there are marked differences between the two. According to experts, hyper-awareness is crucial for handling these issues. After all, hyper-awareness is deemed as the root of cyber vigilance. Let us now understand the difference between spear phishing vs phishing.
Technically, Spear Phishing is where the attack targets a specific victim. When compared to phishing, this form of attack is more explicit. Phishing is considered as a generalized form of attack, where the attacker targets a mass group of people. The mass distribution increases the chances of the attacker striking a “fortune”. In fact, phishing is all about casting a wider net. On the other hand, spear phishing is where hackers focus on a personal level. The attacker is often after a very specific person.
A reputed scheme for this kind of attack would be the business email compromise scenario. The attacker enacts as a senior employee of the company. And, the attacker sends an email that requests for wire transfers. These transfers redirect funds to a fraudulent company. Three common types of spear-phishing attacks include W2 information extraction, direct deposit changes, or wire transfers.
In order to become successful in their attempt, the attacker enacts as a known person. They tend to impersonate someone who is in a reputed and accountable position in the company. In some cases, the attacker engages in different forms of social engineering strategies. Through these strategies, they acquire the details of business acquaintances and colleagues.
Before engaging in the actual attack, the attacker tends to research more about the business and the individuals. They spend days (if not months) researching the person, their interests, and net worth. They scan through social media networking sites, the internet, and other sources for gathering details about the person. Most of the time, the attacker uses peer to peer protocols to extract data. A commonly used tool for extracting data would be “BitTorrent”.
Let’s try to understand this with a simple example.
You are working for “B”, and your name is “A”. When a spear phisher notices your profile on your social media networking site like LinkedIn, they start exploring. Now, they realize that you are a connection of “B”. Soon, he starts to follow your profile on Facebook and understand that you are interested in coding. Also, they start to understand what projects you are keen on. Once the attacker is familiar with your interests, they create an email account with the name “B@gmail.com”.
When “B” goes on vacation, they use the above address to get in touch with you. And, they may even ask you to transfer 100,000 USD to a contractor who is located offshore. If you don’t pay extra attention to the authenticity of the email, and the sender – the chances of you making a transaction are high. The above strategy works because “employees” are often nervous and intimidated when their boss sends an email.
Phishing is also known as “casting a net”. This is a famous online hacking strategy. Phishing involves the process of sending emails to a huge number of people. These emails are carefully drafted to lure potential online users to opening an attachment or clicking on a link in the email. When the attachments or links are open – the victim is redirected to a page where their details are gathered. The target page would contain the names of reputed brands and people. This is one of the reasons why victims fall for the Phishing attack.
The landing web page is used as a means of harvesting crucial pieces of information like login credentials and credit card information. In most phishing emails, you will come across the following lines: “Please update your username and password”, or “Your current account is suspended”, or “Your bank account details have to be updated”.
Phishing attacks are highly effective because it is difficult to differentiate them from their actual counterparts. For example, the URLs itself are carefully chosen to replicate the real ones. The moment you share your credentials, or SSN, or other crucial pieces of information – the criminals will be able to extract and use them on different platforms.
In the past few years, phishing attacks have become extremely famous in gathering cloud credentials. This technique is used to extract the login credentials of applications like Office 365. The attacker would send you an email, requesting you to log in to their Office 365 account. The moment you log in, they will gain access to your shared files, platforms, and account information.
Both spear phishing and phishing attacks are executed over the internet. These attacks are used to extract confidential pieces of information from the user. However, phishing is much broader than spear phishing. During the phishing attacks, a wider group of audiences are tricked into sharing their confidential information. The attacker tends to disguise themselves as someone reputed and trusted in society. Conversely, social media networking sites, emails, and phone calls are used for extracting information from the masses.
On the other hand, spear phishing is personalized. During the spear-phishing attacks, the emails and messages are sent to a person. The ultimate aim of this attack is to encourage the victim to click a button or perform an action that leads to the sharing of crucial pieces of information. The messages shared with the victim are highly modified to suit their mindset, interest, and professional background. Purportedly, the message has to appear like it is familiar with the person they are getting in touch with.
When compared to phishing attacks, the spear attacks need more time and thought. They are hard to achieve because the process of attaining personal information that can be used for building “personalized” and “convincing” messages is more. However, if the attack is executed successfully, it becomes more difficult to spot the attacker. This is one of the prime reasons why these attacks are highly prevalent.
The Epsilon Issue in the year 2011 was one of the most famous incidents of spear-phishing attacks. The marketing company was affected by the scheme for harvesting the credentials of customers. The phishing emails had links for downloading malware, which disabled the anti-virus software used by the company. Also, the link provided remote access that can be used to steal passwords and usernames. These emails were sent to many companies; however, they always focused on employees and their email operations.