![](https://d15shllkswkct0.cloudfront.net/wp-content/blogs.dir/1/files/2011/08/hurricane-irene-doppler.png)
![](https://d15shllkswkct0.cloudfront.net/wp-content/blogs.dir/1/files/2011/08/hurricane-irene-doppler.png)
Spear-phishing has proven to be a far more effective means of breaching a network, whether that of a consumer or an enterprise, than it has been for the past few years. Major events, such as the tsunami and following earthquake that struck Japan not too long ago, act as triggers for wide-scale spear-phishing campaigns. Hurricane Irene may set off the next wave of attacks, warns the U.S. Department of Homeland Security.
What’s interesting is that the agency, entrusted with protecting critical infrastructure targets, released a warning to public and private sector organizations to look out for these attacks.
The warning reads:
“These emails may appear to originate from a reputable source, with the email subject closely aligned to the event and usually of interest to the recipient. Network administrators and general users should be aware of these attempts and avoid opening messages with attachments and/or subject lines related to physical events.”
Spear-phishing attacks set out to breach as many users’ PCs as well as possible usually take a fairly generic attack vector, but because it only takes one entry point to get into an enterprise network, this kind of attacks is far more targeted. And as consequence much harder to detect.
While targeting is the big trend when it comes to more serious phishing efforts, search is king on the consumer level (right next to social media). Hackers quickly setup fake websites to lure in unsuspecting users following the killing of Osama bin Laden, and this trend persisted following the news of singer Amy Winehouse’s death.
Search engines and social media sites such as Facebook are used as a platform for phishing attacks, but they’re making efforts to help users avoid these scams. Google’s evolving malware detection system and a feature added to Windows Live Hotmail that enables users to report friends they suspect to have been infected are two very good examples.
THANK YOU