Spear-phishing is the most prevalent delivery method for advanced persistent threat (APT) attacks. Today’s cyber criminals launch APT attacks with sophisticated malware and sustained, multi-vector and multi-stage campaigns to achieve a particular objective. In a typical spear-phishing attack, a specially crafted email is sent to specific individuals from a target organization. “APT campaigns frequently make use of spear-phishing tactics because they are essential to get high-ranking targets to open phishing emails,” the TrendLabs APT Research Team noted in the Trend Micro white paper.
Spear-phishing may be defined as highly targeted phishing aimed at specific individuals or groups within an organization. Spear-phishing makes use of information about a target to make attacks more specific and personal to the target. Spear-phishing is a targeted email scam with the sole purpose of obtaining unauthorized access to sensitive data.
Running simulated phishing tests will determine your employees' susceptibility to social engineering and phishing scams. Train your employees and help them identify spear phishing and ransomware attacks.