
How Do Cyber Criminals Spear Phish You?

  1. Scan the internet and target businesses that
    • Have a presence in multiple countries
    • Have overseas customers
    • Have overseas suppliers
    • Make regular bank transfer payments
  2. Study the nature of your business from your website
  3. Through social engineering, ask for the email address of the key person in finance/accounts
  4. Through social media such as Facebook and LinkedIn, study how to target the key person
  5. From the domain information, work out whether the user's mail is hosted on Google, Office 365 or a domain registrar's POP/IMAP mail hosting
  6. Obtain the key person's email password by directing them to a fake website that asks them to authenticate with their identity and password
  7. After obtaining the mail login credentials, log in to webmail and set up 3 forwarding email rules to monitor your activities silently
    • Emails that have certain keywords in the subject or body, such as "late payment", "wire transfer", "due payment" and so on
      • to identify a potential victim
    • Emails sent "TO" a certain email address of the potential victim
      • to monitor, analyse and plan for the right time to strike
    • Emails received "FROM" a certain email address of the potential victim
      • to monitor, analyse and plan for the right time to strike
  8. Buy a suitable similar domain name under a fake identity
  9. Send phishing emails to the targeted email address (planning for the next victim)
  10. Send spear phishing (phase 1) to the targeted email address as a reminder of the upcoming payment
  11. Send spear phishing (phase 2) to the targeted email address to follow up on the upcoming payment
  12. Send spear phishing (phase 3) to the targeted email address requesting a change of bank account and a bank transfer

The best way to know whether you are a victim of spear phishing is to check your email rules.

For Office 365 users

  1. In a web browser, sign in to Outlook Web App using the URL provided by the person who manages email for your organization. Enter your user name and password, and then select Sign in.
  2. At the top of the page, select Settings > Options.
  3. In Options, select Organize email > Inbox rules.

For Google users

  1. Log in to Gmail
  2. Near the top right, select the gear icon and click on "Settings"
  3. Select "Filters and Blocked Addresses"
  4. Go through the rules
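
When there are many mailboxes to review, the same check can be scripted. The following is an added example, not part of the original post: it flags rules that forward mail outside your own domain and reports which of the three patterns from step 7 each one matches. The rule fields (`keywords`, `sent_to`, `received_from`, `forward_to`, `move_to`) are a hypothetical export format, and all addresses are constructed placeholders.

```python
# Audit exported mailbox rules for the three forwarding patterns described above.
# The rule fields are a hypothetical export format, not a Microsoft or Google schema.
PAYMENT_KEYWORDS = ("late payment", "wire transfer", "due payment")

def is_external(address, own_domain):
    """True if the address does not belong to own_domain."""
    return address.rsplit("@", 1)[-1].lower() != own_domain.lower()

def audit_rules(rules, own_domain):
    """Return {rule name: [reasons]} for rules that forward mail outside own_domain."""
    findings = {}
    for rule in rules:
        outside = [a for a in rule.get("forward_to", []) if is_external(a, own_domain)]
        if not outside:
            continue  # rules that only file mail or forward internally are not flagged
        reasons = ["forwards to external address " + ", ".join(outside)]
        text = " ".join(rule.get("keywords", [])).lower()
        hits = [k for k in PAYMENT_KEYWORDS if k in text]
        if hits:
            reasons.append("matches payment keywords: " + ", ".join(hits))
        if rule.get("sent_to"):
            reasons.append("copies mail sent TO " + ", ".join(rule["sent_to"]))
        if rule.get("received_from"):
            reasons.append("copies mail received FROM " + ", ".join(rule["received_from"]))
        findings[rule["name"]] = reasons
    return findings

# Constructed sample rules for a mailbox at the placeholder domain acme.example.
SAMPLE_RULES = [
    {"name": "Newsletters", "keywords": ["unsubscribe"], "move_to": "Reading"},
    {"name": "Copy to assistant", "received_from": ["boss@acme.example"],
     "forward_to": ["pa@acme.example"]},
    {"name": ".", "keywords": ["late payment", "wire transfer"],
     "forward_to": ["collector@mailbox.example"]},
    {"name": "..", "sent_to": ["ap@customer.example"],
     "forward_to": ["collector@mailbox.example"]},
    {"name": "...", "received_from": ["ap@customer.example"],
     "forward_to": ["collector@mailbox.example"]},
]

if __name__ == "__main__":
    for name, reasons in audit_rules(SAMPLE_RULES, "acme.example").items():
        print(repr(name), "->", "; ".join(reasons))
```
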





Over the years, cyber criminals have learnt how to monetize their criminal activities. Their operations are remarkably well structured and highly automated.

Are You in the High-Risk Group?

  • Your domain uses .com or .net
    • .com.sg or .sg are safer, as you need a SingPass to register these domains
  • Your domain contains any of these letters, which can be imitated with look-alike characters
    • g → q
    • m → rn (r & n)
    • n → ri (r & i)
    • i → 1 (numeric 1)
    • w → vv (2 v)  
    • d → cl (c & numeric l)
  • Have a presence in multiple countries
  • Have overseas customers
  • Have overseas suppliers
  • Make regular bank transfer payments
  • Do not have Endpoint Security
  • Do not have secure VPN/2FA
  • Use Android phones
  • Do not change passwords regularly
  • Access webmail on public or friends' PCs/notebooks
  • Your email might be compromised. You can check here: https://haveibeenpwned.com/
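
The letter substitutions in the list above can also be turned into a check on incoming mail. The following is an added example, not part of the original post: it tests whether a sender's domain is your own domain with one or more letters swapped according to that table. `goodwind.example` is a placeholder for your own domain and the From: headers are constructed.

```python
from email.utils import parseaddr

# Substitutions listed on this page: original letter -> look-alike sequence.
LOOKALIKES = {"g": "q", "m": "rn", "n": "ri", "i": "1", "w": "vv", "d": "cl"}

def _matches(own, candidate):
    """True if candidate equals own with zero or more letters swapped per LOOKALIKES."""
    if not own:
        return not candidate
    head, rest = own[0], own[1:]
    if candidate.startswith(head):
        return _matches(rest, candidate[1:])
    swap = LOOKALIKES.get(head)
    return bool(swap) and candidate.startswith(swap) and _matches(rest, candidate[len(swap):])

def is_lookalike(candidate_domain, own_domain):
    """True if candidate_domain imitates own_domain but is not identical to it."""
    cand = candidate_domain.lower().rstrip(".")
    own = own_domain.lower().rstrip(".")
    return cand != own and _matches(own, cand)

def flag_senders(from_headers, own_domain):
    """Return the sender addresses whose domain imitates own_domain."""
    flagged = []
    for header in from_headers:
        address = parseaddr(header)[1]
        _, at, domain = address.rpartition("@")
        if at and is_lookalike(domain, own_domain):
            flagged.append(address)
    return flagged

# Constructed From: headers; goodwind.example stands in for your own domain.
SAMPLE_FROM = [
    "Finance <ar@goodwind.example>",      # genuine
    "Finance <ar@qoodwind.example>",      # g -> q
    "Finance <ar@goodvvind.example>",     # w -> vv
    "Finance <ar@goodw1ricl.example>",    # i -> 1, n -> ri, d -> cl
    "Supplier <sales@supplier.example>",  # unrelated domain
]

if __name__ == "__main__":
    for address in flag_senders(SAMPLE_FROM, "goodwind.example"):
        print("look-alike sender:", address)
```

The check covers only the substitutions listed above; a similar name registered under a different top-level domain needs a separate comparison.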
