2019 State of Email Security Report
Actionable steps to improve your organization’s email security and cyber resilience.
Prevent a spear phishing attack with Mimecast.
A spear phishing attack is an email-based threat seeking to dupe employees with email messages appearing to come from a trusted source. A spear phishing attack may attempt to get an employee to divulge credentials or other confidential information, or convince them to click on a malicious link, open a weaponized attachment or visit a malicious website.
The vast majority of hacking attacks today begin with a phishing or spear phishing attack. The damage from phishing threats can be devastating, costing your organization millions of dollars in disruption to business, damage to reputation and loss of customer confidence and loyalty.
Mimecast secure email services provide a critical defense to protect against a spear phishing attack as well as other advanced threats, viruses, malware, spam and data loss. With Mimecast's cloud-based secure email service, you can achieve always-on and always up-to-date protection eliminating the cost and complexity of traditional email security solutions.
Mimecast targeted threat protection provides critical defenses against the two most common forms of a spear phishing attack: malicious links and email and weaponized attachments.
Targeted Threat Protection – URL Protect provides real-time scanning of all URLs in incoming email as well as archived emails. When a link in an email is clicked, the destination website is scanned in real time for potential threats before it's opened in the user's browser. Mimecast opens safe sites normally, while blocking access to suspicious sites and displaying a warning page. URLs are scanned on every click to protect against a scenario where a URL that was safe on the first click is compromised at a later date. This kind of wholesale protection provides greater security than attempting to identify and isolate a single spear phishing attack.
Targeted Threat Protection – Attachment Protect neutralizes the threat from a weaponized or malware-containing attachment. Every attachment is preemptively sandboxed and checked before being delivered to employees. Mimecast also offers an optional transcription service that automatically converts attachments into a safe format to eliminate any malicious code.
Mimecast Targeted Threat Protection provides:
What is a spear-phishing attack?
A spear-phishing attack is a type of cybercrime where attackers send emails that appear to be from a known or trusted sender. The email is designed to convince an individual to share sensitive information or take action that allows attackers to steal data or money, to access accounts or to download malware. While a phishing attack is directed at a broad number of people, a spear-phishing attack is highly targeted to one or more individuals.
How does a spear-phishing attack work?
In a spear-phishing attack, attackers use details about an individual, typically from online profiles or social media accounts, to convince the individual that an email is from someone they know trust. In the email, the recipient is asked to open an attachment or click on a link that takes them to a spoofed website where they are asked to enter sensitive information like passwords, account numbers, credit card details and other data that attackers can use to access accounts or steal an identity. A spear-phishing attack may also download malicious software to the recipient’s computer which can be used to inflict further damage.
How to recognize a spear-phishing attack?
Because a spear-phishing attack is highly targeted to a specific individual, it is much more difficult to spot than other email-borne threats. Some of the things to look for include:
What to do during a spear-phishing attack?
If you suspect you have fallen prey to a spear-phishing attack – if you’ve already clicked on a link, opened an attachment or provided sensitive information – you should immediately:
How to avoid a spear-phishing attack?
Avoiding a spear-phishing attack usually involves a variety of preventive measures.