Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, or individual, seeking unauthorized access to confidential data. The information sought after can be trade secrets in case of organization, personal bank account credentials for financial fraud, or a mix of the two intents.
In the “good old times”, it was relatively easy to spot spear phishing. Nowadays, you should know that you do not have a recently deceased, wealthy relative in Nigeria, nor do you have a package from FEDEX/UPS that you didn’t order. The format and spelling errors in these types of emails made it easy to detect fraud. Most of the antivirus software detects this type of antiquated fraud as well.
The sophistication of spear phishing has reached a level, where identifying email based fraud is pretty much becoming impossible. Antivirus software is mostly useless when it comes to this level of sophistication. Before you start arguing with me; tell me if the email below is fraud or real?
It is a spear phishing email and you did know that, right :)? The question is, will you be able to identify it in your “Inbox” when you’ve just ordered some great SSD drive on sale at Newegg?
Newegg, PayPal,etc., will spell out your full name in emails addressed to you, instead of the general “Dear Customer”. They will not place any links to your account in the body of the email. The other method of detecting a spear phishing attempt is to move your mouse pointer over one of the link without clicking on the links. This is what you’ll see:
The link of “http://roidesrois.org/6qawKCpK/index.html” makes it easy to spot the fraudulent email. Your email client display this for you to determine, if the link is legitimate. There is no software solution that is 100% accurate at detecting these links and as such, it is you who needs to make the decision of “to click, or not to click”. Failure to make the right decision may have dire consequences to your financial status.
The sophistication of this email fraud is quite evident, once all of the links checked:
The link framed in green point to “http://www.newegg.com/index.aspx?nm_mc=TEMC-Payment-Charged-US&cm_mmc=TEMC-Payment-Charged-US-_-header-_-logo-_-Newegg”. You can safely click on these links.
The links framed in red point to “http://roidesrois.org/6qawKCpK/index.html”, where presumably the malicious code is waiting for your click to become active. Bad things can happen to your computer if you click on these links.
With this kind of sophistication, the success rate of spear phishing bound to increase substantially. Learn from the description of this type of email fraud and follow Newegg’s advice, quote:
How do I identify Phishing or Spoofed E-mails?
How do I identify Phishing or Spoofed E-mails? Know that Newegg.com does not and will never ask you for the following information in an e-mail communication:
Your social security number or tax identification number
Your credit card number, PIN number, or credit card security code (including “updates” to any of the above)
Your mother’s maiden name
Your Newegg.com password
Your address, phone number or other personal informationOccasionally, if you place an order with incorrect information, you may receive an email from Newegg.com giving you the opportunity to correct your shipping/billing information. When this occurs you will have to log into the Newegg.com website to input this info. We will not provide you with a link on the e-mail notification to ensure you are responding to a valid communication from Newegg. Another method of identifying a phishing or spooked e-mail is to place your cursor on links or images without clicking. If the hyperlink is an IP address or other than www.newegg.com, DO NOT CLICK the link. Go to www.newegg.com directly and logon. Never submit the information mentioned above directly through an email.
Well said Newegg…
Disclaimer: The email evaluated here has been picked randomly from forwarded emails and did not originate from Newegg as presented in the fraudulent emails. Newegg is a great online merchant with excellent reputation; this post has no intent to undermine their reputation.