Spear Phishing

Spear phishing is an e-mail spoofing fraud attempt that targets a specific organisation, seeking unauthorised access to confidential data.

What is spear phishing?

Spear phishing is a targeted phishing attempt through an e-mail that appears to come not only from a trusted source, but often from someone in your own company, in many cases a superior, or from a close relative. The subject line and address are customised and personalised, and will often refer to current projects or developments within the company, or to a family event. The violation occurs when the user opens the e-mail and clicks the attached link: a trojan or other malware is downloaded, or a form appears on screen asking the recipient to fill in data. This information is confidential and could be used to access, and transact on, the organisation's internal applications.

How does a trojan or malware help the fraudster?

How does spear phishing work?

Spear phishing succeeds in extracting users' confidential information for three reasons:

  • The source appears to the user to be known, trusted and one the user corresponds with frequently
  • The wording of the subject line reinforces the impression that the source is legitimate
  • The information requested seems reasonable to the user, given the apparent 'source'

An example of spear phishing would be an e-mail that appears to come from a specific, known network or IT person within your company. It prompts you to log in with your employee name and password, and upon doing so malware is downloaded. Once the perpetrator has that employee's user name and password, he or she can use that access to read large amounts of company data or perform transactions.

How to protect against spear phishing?

  • If the message prompts you, at any time, to disclose personal or confidential information in a form, STOP and recheck
  • Do not respond or act without first contacting the 'sender' by telephone and verifying that the e-mail is legitimate
  • Do check the sender's e-mail address as displayed, and whether it exactly matches the e-mail address format used within your company
  • Do check whether the sender associated with the e-mail is indeed from the company
  • Do not open attachments in such e-mails, as they might carry a virus
  • Do check the website to which you are redirected; it should belong to your company
  • Do not just delete these e-mails. Report them immediately to your IT department or your company's computer support contacts
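Two of the checks above, the sender's address and the destination of any links, can be automated on the mail-gateway or help-desk side. The following is an added example, not code from the original page: it parses a message with Python's standard `email` library, compares the sender's domain and every link's host against the company domain, and reports mismatches. The company domain `example.com` and the sample message are assumptions constructed for this demo (the look-alike domain `example-com.net` is invented).

```python
"""Added example (not from the original page): flag a message whose sender
address or link destinations do not belong to the company's own domain.

Assumptions (not from the page): the company mail domain is example.com;
the sample message below is constructed for this demo.
"""
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

COMPANY_DOMAIN = "example.com"  # assumed company domain (placeholder)

# Constructed sample: the display name claims to be the IT helpdesk, but the
# real address and the login link sit on a look-alike domain.
SAMPLE_EMAIL = """\
From: IT Helpdesk <helpdesk@example-com.net>
To: alice@example.com
Subject: Action required: password reset for the Q3 project portal

Hi Alice,

Please confirm your credentials at https://portal.example-com.net/login
before 5pm today. The policy is at http://intranet.example.com/policy.

IT Helpdesk
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+")


def same_org(host: str, domain: str) -> bool:
    """True if host is the company domain itself or a subdomain of it."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def check_message(raw: str, company_domain: str = COMPANY_DOMAIN) -> dict:
    """Run the sender-domain and link-destination checks on one raw message."""
    msg = message_from_string(raw)
    display_name, address = parseaddr(msg.get("From", ""))
    sender_domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""

    # Collect the text body (text/plain parts only; enough for this demo).
    if msg.is_multipart():
        parts = [p.get_payload(decode=True).decode(errors="replace")
                 for p in msg.walk() if p.get_content_type() == "text/plain"]
        body = "\n".join(parts)
    else:
        body = msg.get_payload()

    # Strip trailing sentence punctuation that the regex may have captured.
    links = [u.rstrip(".,;)") for u in URL_RE.findall(body)]
    external_links = [u for u in links
                      if not same_org(urlparse(u).hostname or "", company_domain)]

    findings = {
        "display_name": display_name,
        "sender_address": address,
        "sender_is_internal": same_org(sender_domain, company_domain),
        "external_links": external_links,
    }
    # Either an external sender or an external link is enough to escalate.
    findings["suspicious"] = (not findings["sender_is_internal"]) or bool(external_links)
    return findings


if __name__ == "__main__":
    for key, value in check_message(SAMPLE_EMAIL).items():
        print(f"{key}: {value}")
```

On the constructed sample the checker reports an external sender domain and one external link, so the message would be escalated to the IT department rather than deleted, which is the last point of the checklist. The same domain comparison can be applied to the `Reply-To` header, which attackers also set to a domain they control.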