Why Spear-Phishing Hacks Are So Successful

Uploaded on 2016-09-23 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Exploiting poor security. Tracking with spyware. Creating fake employees. It's all about information gathering.

By now, many healthcare employees know they should not click on unsolicited links or emails, or go to a web site without exercising caution. However, security is not their full-time job. They’re not constantly and closely scrutinizing email for threats, so it’s no wonder that some threats get through.

That’s what spear-phishing hackers are counting on. When a solicitation for information is made by an email recipient and received back by the hackers, that’s when information gathering on the target starts, says Paul Everton, founder of anti-spy mail company MailControl.

Hackers treat information gathering like the CIA does, he notes, gathering enough intelligence on an organization to understand what data it has, who talks to who in the organization, who approves payment or data transfers, and who the organization’s partners are. “The more information leaking out about how you do business and who you do business with makes this possible,” Everton contends.

Most healthcare providers do not know that about 60 percent of all emails are tracked with spyware, which is an email extension that relays user habits such as when and where an email was opened, what links were clicked, and everyone who had the email forwarded to them, according to Everton.

Once the homework is done, a hacker can call a target, posing as another employee, and ask for an invoice for a particular contractor that has a relationship with the healthcare organization, because the hacker found the contractor on the organization’s web site.

Or, a hacker can send an email to an employee with a tracking code and get the employee to send the mail to the organization’s accounting firm. Then, the hacker can email the firm, identify himself and his company, and ask for the company’s customer list, giving a similar company email address that is really going back to the hacker.

Consequently, nothing seems unusual when the fake employee—sending an email under a legitimate employee name and acting in the normal course of business—then says, “We need to pay this vendor $100,000; here’s the account to be approved and here’s where the payment goes.”

The bottom line, it’s all about the information gathering first, Everton says.

Information-Management

 

« New Cyber Tricks Make ISIS Sophisticated
Staff Training 'Not enough to stop most data breaches' »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Rockwell Automation

Rockwell Automation

Rockwell Automation offer industrial security solutions to protect the integrity and availability of your complex automation solutions.

Grimm Cyber

Grimm Cyber

GRIMM makes the world a more secure place by increasing the cyber resiliency of our client’s systems, networks, and products.

Sensible Vision

Sensible Vision

SensibleVision helps organizations transparently protect data and prevent costly security breaches by constantly verifying the identities of people who use computers or mobile devices.

Cyberlitica

Cyberlitica

Cyberlitica (formerly iPhish) provides a Workforce Threat Intelligence application that significantly augments companies’ cyber threat prevention efforts.

ENLIGHTENi

ENLIGHTENi

ENLIGHTENi are the platform to develop next-gen talent in Technology, Risk, and Cybersecurity. Our mission is to develop next-gen talent through challenge-based learning and team collaboration.

Securden

Securden

Securden provide an all-in-one Platform for Next-Gen Privileged Access Governance, helping you to prevent identity thefts, malware propagation, cyber attacks, and insider exploitation.

CyberPeace Foundation

CyberPeace Foundation

CPF is a think tank of cybersecurity and policy experts with the vision of pioneering Cyber Peace Initiatives to build collective resiliency against CyberCrimes and global threats of cyber warfare.

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection (HIP) is the premier educational forum for identity-centric cybersecurity practitioners charged with defending hybrid cloud environments.

Ostendio

Ostendio

Ostendio is a cybersecurity and information management solutions provider that develops affordable compliance solutions for digital health companies and other regulated entities.

Schneider Downs

Schneider Downs

Schneider Downs & Co. provides accounting, tax and business advisory services through innovative thought leaders who deliver their expertise to meet the individual needs of each client.

Votiro

Votiro

Votiro is an award-winning cybersecurity company that specializes in file sanitization, ensuring every organization is safe from zero-day and undisclosed attacks.

Aptum

Aptum

Aptum is a global hybrid multi-cloud managed service provider delivering complex and high-performance cloud solutions with an integrated secure network.

Auriga

Auriga

Auriga create innovative software and have become a benchmark for high quality banking software including cyber security solutions to protect business critical devices.

BlackSignal Technologies

BlackSignal Technologies

BlackSignal Technologies provides cybersecurity, digital signal processing and electronic warfare products to help DOD and IC agency customers counter near-peer threats and security challenges.

Secure Domains

Secure Domains

Secure Domains is the first company in the GCC to offer cloud-based DNS firewall services and security through its flagship SaaS product, DNS Armor.

Leapfrog Services

Leapfrog Services

Leapfrog offers outsourced managed IT + cybersecurity services that are scalable, aligned, and fit easily into your business model.