Spear-Phishing Email: Most Favored APT Attack Bait

Trend Micro • December 18, 2012

Spear phishing has been regarded as the favored means by APT attackers to infiltrate target networks. In a typical spear-phishing attack, a specially crafted email is sent to specific individuals in a targeted organization. The recipients are convinced through clever and relevant social engineering tactics to either download a malicious file attachment or to click a link to a malware - or an exploit-laden site, starting a compromise.

While spear phishing may be a timeworn technique, it continues to be effective even in today's Web 2.0 landscape. This research paper presents Trend Micro findings on APT-related spear phishing from February to September 2012 to:

Analyze APT-related spear-phishing emails to better understand and mitigate attacks;
Understand the elements of a spear-phishing attack;
Identify the most likely entry points within your organization;
Identify the industries and regions most commonly targeted.

Previous
Your Organization Has Just Been Attacked by Malware - Now What?

Next
Detect, Analyze and Respond to Targeted Attacks

You might also be interested in …

Cloud Smart Roadshow Tallahassee : Practical Strategies for a Simplified and Secured Cloud Journey

Cloud Smart Roadshow Tallahassee : Practical Strategies for a Simplified and Secured Cloud Journey

Live Webinar | Protecting Your Workloads from Modern Threats with VMware Ransomware Recovery

Live Webinar | Protecting Your Workloads from Modern Threats with VMware Ransomware Recovery

Your Blueprint for Reducing Cloud Risk

Your Blueprint for Reducing Cloud Risk

Cloudy with a Chance of Security | How Mid-Sized Organizations Are Managing Biggest Cloud Security Challenges

Cloudy with a Chance of Security | How Mid-Sized Organizations Are Managing Biggest Cloud Security Challenges

Security Assessment Sample Report

Security Assessment Sample Report

AWS Security Foundations: For Dummies

AWS Security Foundations: For Dummies

Mid-Market Grid® Report for Cloud Security Posture Management (CSPM)

Mid-Market Grid® Report for Cloud Security Posture Management (CSPM)

Keep Your Cybersecurity Team Happy, Engaged and Employed (By You!)

Keep Your Cybersecurity Team Happy, Engaged and Employed (By You!)

6 Phishing Predictions for 2019

Around the Network

How Generative AI Will Improve Incident Response

How Generative AI Will Improve Incident Response

What's Behind Disturbing Breach Trends in Healthcare?

What's Behind Disturbing Breach Trends in Healthcare?

The State of Security Leadership

The State of Security Leadership

Addressing Security Gaps and Risks Post-M&A in Healthcare

Addressing Security Gaps and Risks Post-M&A in Healthcare

Threat Modeling Essentials for Generative AI in Healthcare

Threat Modeling Essentials for Generative AI in Healthcare

Why Connected Devices Are Such a Risk to Outpatient Care

Why Connected Devices Are Such a Risk to Outpatient Care

Critical Considerations for Generative AI Use in Healthcare

Critical Considerations for Generative AI Use in Healthcare

Why Entities Should Review Their Online Tracker Use ASAP

Why Entities Should Review Their Online Tracker Use ASAP

Using AI to Separate the Good Signals From the Bad

Using AI to Separate the Good Signals From the Bad

Generative AI: Embrace It, But Put Up Guardrails

Generative AI: Embrace It, But Put Up Guardrails

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ddos.inforisktoday.com, you agree to our use of cookies.