TechEYE.net is reporting that a recent spear phishing campaign is targeting the employees of US-based security companies, universities and defense contractors.
These Attacks Are Different
A spear phishing attack usually involves personalized emails sent to certain individuals, addressing them by their actual names, instead of "Dear Customer" or the like. They are more dangerous than plain phishing attacks, because they seem more legitimate.
However, unlike many phishing attacks, these apparently don't ask the victim to go to a web page and enter their login information to their bank or credit card account. One asks the victim to open an attached PDF file, which then installs a Trojan downloader on the user's machine, which then connects to a website and installs the payload. Another installs a remote access tool on the user's machine. Not good.
Protect Yourself from Phishing Scams
For more on how to protect yourself phishing scams, click here to watch our YouTube video that shows you how to avoid becoming a victim of phishing scams.
While you're there, you can also subscribe to our YouTube channel.
Send Us Your Spam
If you are a customer, are in a free trial period, or just curious about an email that you think is spam, send it to firstname.lastname@example.org. We monitor email threats 24/7/365, and always appreciate your assistance in making our product even better for you.