What is spear phishing?

You've probably heard of phishing scams: fraudulent e-mail messages or fake Web sites designed to steal your identity. Scam artists "phish" in an attempt to persuade millions of people to disclose sensitive information. Now there's a new version of an old scam called "spear phishing," a highly targeted e-mail attack that a scammer will send only to people within a small group, such as a company. The e-mail message might appear to be genuine, but if you respond to it, you might put yourself and your employer at risk.
How standard phishing scams work

Phishers (scammers who perpetrate phishing scams) usually take a broad approach by sending millions of e-mail messages that appear to come from popular banks, online auction houses, and other businesses. These e-mail messages, pop-up windows, and the Web sites they link to appear official enough that they deceive many people into believing that they are legitimate. Unsuspecting people often respond to these requests for credit card numbers, passwords, account information, or other personal and financial data. According to the 2005 Consumer Reports State of the Net survey, phishing scams cost consumers an average of $395 per incident in the United States. What is spear phishing?

Linked by shanmuga Monday, 12th December 2005 11:47PM