ITM Tech Cybersecurity Essentials Booklet - Flipbook - Page 6
THREATS
PHISHING &
SPEAR PHISHING
Spear phishing or phishing involves
sending emails with malicious
attachments designed to steal
personal information. The phishing
attack can also lead the victim to
an illegitimate website that steals
passwords, credit card details,
business information, and other
sensitive data. A phishing attack
uses technical trickery and social
engineering to achieve its goals.
Attackers employing phishing
choose their targets carefully and
take on the guise of a trusted
source that victims are less likely
to question. The attackers also
use personalised messages that
make the emails look relevant and
trustworthy. As a result, SMBs
might find it challenging to protect
themselves from spear phishing
attacks.
Phishing is one of the most common
forms of cyber threats.
In 2020, phishing
was responsible for
more than 80% of
reported security
incidents.
6
SPEAR
PHISHING
PHISHING
APPROACH
Spray & Pray
Targeted Attack
TARGETING
Broad &
Automated
Specific employee
and/or company
HACKING LEVEL
Not Very
Sophisticated
Requires Advanced
Techniques
THE ATTACK
Usually Obvious
Harder to Detect
WHAT THEY’RE AFTER
Usernames, Passwords,
Credit Card Details, etc.
Confidential Information,
Business Secrets, etc.
