Why Spear-Phishing Hacks Are So Successful

Exploiting poor security. Tracking with spyware. Creating fake employees. It's all about information gathering.

By now, many healthcare employees know they should not click on unsolicited links or emails, or go to a web site without exercising caution. However, security is not their full-time job. They’re not constantly and closely scrutinizing email for threats, so it’s no wonder that some threats get through.

That’s what spear-phishing hackers are counting on. When an email recipient answers a solicitation for information and the reply reaches the hackers, that’s when information gathering on the target starts, says Paul Everton, founder of anti-spy mail company MailControl.

Hackers treat information gathering like the CIA does, he notes, gathering enough intelligence on an organization to understand what data it has, who talks to whom in the organization, who approves payment or data transfers, and who the organization’s partners are. “The more information leaking out about how you do business and who you do business with makes this possible,” Everton contends.

Most healthcare providers do not know that about 60 percent of all emails are tracked with spyware: tracking code embedded in the message that relays user habits such as when and where an email was opened, what links were clicked, and everyone the email was forwarded to, according to Everton.
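The tracking Everton describes is usually a remote image the mail client fetches when the message is rendered, which is what lets the sender learn when, where and by whom it was opened. The following is an added example, not code from the article or from MailControl, showing how a mail gateway or a defender reviewing a suspicious message can flag such beacons in an HTML body: remote images that are 1x1 or zero-sized, hidden by CSS, or addressed by a URL carrying a long per-recipient token. The sample message and the `example.test` hostnames are constructed for the illustration.

```python
"""Flag likely email tracking beacons (read receipts) in an HTML message body.

Added illustration using only the Python standard library; the sample
message below is constructed, not taken from any real mail.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Heuristic: a remote image that is invisible (1x1, zero-sized, hidden) or whose
# URL carries a long opaque token is very likely a per-recipient beacon.
TOKEN_RE = re.compile(r"[A-Za-z0-9_-]{20,}")


class _ImgCollector(HTMLParser):
    """Collects the attributes of every <img> tag in the document."""

    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "img":
            # Attributes without a value arrive as None; normalise to "".
            self.images.append({k.lower(): (v or "") for k, v in attrs})


def _is_tiny(value):
    """True for width/height attributes of 0 or 1 pixel ('1', '1px', '0')."""
    m = re.match(r"\s*(\d+)", value or "")
    return m is not None and int(m.group(1)) <= 1


def find_tracking_pixels(html_body):
    """Return a list of (src, reasons) for images that look like beacons."""
    parser = _ImgCollector()
    parser.feed(html_body)
    findings = []
    for img in parser.images:
        src = img.get("src", "")
        parsed = urlparse(src)
        if parsed.scheme.lower() not in ("http", "https"):
            continue  # inline (cid:) or data: images cannot phone home
        reasons = []
        if _is_tiny(img.get("width")) and _is_tiny(img.get("height")):
            reasons.append("1x1 or zero-sized image")
        style = img.get("style", "").replace(" ", "").lower()
        if "display:none" in style or "visibility:hidden" in style:
            reasons.append("hidden via CSS")
        # Only the path and query are checked, so hostnames never match.
        if TOKEN_RE.search(parsed.path + parsed.query):
            reasons.append("opaque per-recipient token in URL")
        if reasons:
            findings.append((src, reasons))
    return findings


# Constructed sample: one legitimate logo, two beacons, one inline attachment.
SAMPLE_EMAIL = """
<html><body>
<p>Hi, please see the attached invoice.</p>
<img src="https://cdn.example.test/logo.png" width="120" height="40" alt="logo">
<img src="https://track.example.test/open/aGVsbG8td29ybGQtYWJjZGVmMTIzNDU2.gif" width="1" height="1">
<img src="https://track.example.test/p?u=42" style="display:none">
<img src="cid:image001.png@01D3" width="1" height="1">
</body></html>
"""

if __name__ == "__main__":
    for src, reasons in find_tracking_pixels(SAMPLE_EMAIL):
        print(f"beacon: {src}  ({'; '.join(reasons)})")
```

Running the script reports the two `track.example.test` images and nothing else. Legitimate newsletters use the same beacons, so the practical mitigation is not to block senders on this signal but to stop mail clients from loading remote images automatically (or to proxy them through the gateway), which denies the sender the open-time, location and forwarding data the article describes.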

Once the homework is done, a hacker can call a target, posing as another employee, and ask for an invoice for a particular contractor that has a relationship with the healthcare organization, because the hacker found the contractor on the organization’s web site.

Or, a hacker can send an email to an employee with a tracking code and get the employee to send the mail to the organization’s accounting firm. Then, the hacker can email the firm, identify himself and his company, and ask for the company’s customer list, giving a similar company email address that is really going back to the hacker.

Consequently, nothing seems unusual when the fake employee—sending an email under a legitimate employee name and acting in the normal course of business—then says, “We need to pay this vendor $100,000; here’s the account to be approved and here’s where the payment goes.”

The bottom line, Everton says, is that it’s all about the information gathering first.

Information-Management
