Spear-Phishing Email: Most Favored APT Attack Bait

Trend Micro • December 18, 2012

Spear phishing has been regarded as the favored means by APT attackers to infiltrate target networks. In a typical spear-phishing attack, a specially crafted email is sent to specific individuals in a targeted organization. The recipients are convinced through clever and relevant social engineering tactics to either download a malicious file attachment or to click a link to a malware - or an exploit-laden site, starting a compromise.

While spear phishing may be a timeworn technique, it continues to be effective even in today's Web 2.0 landscape. This research paper presents Trend Micro findings on APT-related spear phishing from February to September 2012 to:

Analyze APT-related spear-phishing emails to better understand and mitigate attacks;
Understand the elements of a spear-phishing attack;
Identify the most likely entry points within your organization;
Identify the industries and regions most commonly targeted.

Previous
Your Organization Has Just Been Attacked by Malware - Now What?

Next
Detect, Analyze and Respond to Targeted Attacks

You might also be interested in …

Security Assessment Sample Report

Security Assessment Sample Report

Mid-Market Grid® Report for Cloud Security Posture Management (CSPM)

Mid-Market Grid® Report for Cloud Security Posture Management (CSPM)

Cloudy with a Chance of Security | How Mid-Sized Organizations Are Managing Biggest Cloud Security Challenges

Cloudy with a Chance of Security | How Mid-Sized Organizations Are Managing Biggest Cloud Security Challenges

CNAPP: For Dummies

CNAPP: For Dummies

Your Blueprint for Reducing Cloud Risk

Your Blueprint for Reducing Cloud Risk

Survival Guide For the Next Log4Shell

Survival Guide For the Next Log4Shell

Wiz for AWS Container and Kubernetes Security

Wiz for AWS Container and Kubernetes Security

Keep Your Cybersecurity Team Happy, Engaged and Employed (By You!)

Keep Your Cybersecurity Team Happy, Engaged and Employed (By You!)

6 Phishing Predictions for 2019

Around the Network

Good Governance: 'It's All Hygiene'

Good Governance: 'It's All Hygiene'

Mapping the Unseen Vulnerabilities of Zombie APIs

Mapping the Unseen Vulnerabilities of Zombie APIs

Why Hospitals Should Beware of Malicious AI Use

Why Hospitals Should Beware of Malicious AI Use

How Biden's AI Executive Order Will Affect Healthcare

How Biden's AI Executive Order Will Affect Healthcare

AI in Healthcare: The Growing Promise - and Potential Risks

AI in Healthcare: The Growing Promise - and Potential Risks

How AI Can Help Speed Up Physician Credentialing Chores

How AI Can Help Speed Up Physician Credentialing Chores

Getting a Tighter Grip on Vendor Security Risk in Healthcare

Getting a Tighter Grip on Vendor Security Risk in Healthcare

Stopping Cloud Workload Attacks

Stopping Cloud Workload Attacks

How State Governments Can Regulate AI and Protect Privacy

How State Governments Can Regulate AI and Protect Privacy

Mapping Access - and Attack - Paths in Active Directory

Mapping Access - and Attack - Paths in Active Directory

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ddos.inforisktoday.com, you agree to our use of cookies.