Spear Phishing – It Can Happen to Anyone

Spear Phishing Attack

I’ve been in the Network Security industry for more than 20 years, which may be the only reason my entire life was not compromised.

One Simple Change

In June of this year, I changed my LinkedIn status from “Business Development Manager” to “VP of Sales” due to a job promotion. Somehow, that one simple change triggered a series of events that could have negatively impacted my financial assets, my credit score, and my Internet presence.

Here is What I Think Happened

Somehow, a phisher found my promotion announcement on LinkedIn. After reviewing, this phisher went to my Facebook account. My Facebook page shows I am married and to whom¬–that’s when the phisher set his/her plan into action.

Acquiring a fake email address, the phisher used my wife’s name with the exact same spelling. This is a bit unique because she is Swedish. The prefix was spelled correctly. Then the phisher obtained my email address from LinkedIn and sent me an email with her name as the prefix and a suffix that I didn’t recognize. We were in the middle of refinancing our house and the email attachment was labeled “Documents,” which seemed perfectly legitimate at the time. The subject line was “Please review these.”

Being in the industry, I just happened to look at her email address again. It just looked strange. After a couple of seconds, I realized I didn’t recognize the suffix part of the address. It wasn’t from @yahoo.com or @gmail.com. Instantly, I knew it was coming from outside the U.S.

THAT was the moment I realized I was being phished. I didn’t open the attachment. I immediately deleted the email and ran a complete Trend Micro scan to make sure there wasn’t anything suspicious on my computer. Luckily, there wasn’t.

Bottom Line

I know it takes a little extra time, but be mindful of your emails. Take a second or two to ask yourself, “Does this look right?” People will always appreciate a text or an email asking them, “Did you send this to me?” That vigilance may save you, or your company substantial sums of money!

By | 2018-02-05T05:46:24+00:00 January 23rd, 2017|Network Security|Comments Off on Spear Phishing – It Can Happen to Anyone