Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    In the discussion of targeted attacks, it is usually taken for granted that they arrived via some sort of spear-phishing attack. The discussion then goes into an analysis of the malware involved and/or the servers used or compromised in the attack.

    However, to avoid attacks in the first place, it is of value to look at the spear-phishing attacks themselves. More information about these attacks would allow administrators to consider which emails could pose a security risk, and design their defenses accordingly.

    With that in mind, we wrote our paper titled Spear-Phishing Email: Most Favored APT Attack Bait. In addition to looking at the attachments and file types used, we also looked at the industries/sectors that are targeted, and investigated the importance of good reconnaissance in launching targeted attacks.

    Among our key findings are just who is targeted by APTs, and how attackers can find them. Just under two-thirds, or 65 percent, of APT campaigns targeted governments. Just over one-third (35 percent) targeted activists.

    In addition, we found that a disturbing number of email addresses can be found online rather easily. Three-fourth of all e-mail addresses that were targets of spear phishing could be found online. This indicates that for would-be attackers, it is very easy to build up a “target list” for any spear-phishing campaigns.

    For our full findings, you can read our paper, which you can download by clicking the link below:

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice