Advanced Spear Phishing: The Rise of Industrial Phishing Attacks

19 March 2013

Phishing has evolved, until recently, email defence systems have been fortunate in that attackers faced a cost/volume trade-off. That is, crafting an email-borne attack that was highly unique and highly randomized (and thus more likely to pass defence systems) was a largely manual effort, which limited the scope of such customized attacks. Attacks that were more broadly-distributed were less customized and more easily filtered by email security solutions, as a result. Both types of attacks resulted in sufficiently low penetration rates that IT teams often had a chance to detect and remediate such breaches before significant harm occurred.

However, today’s advanced phishing tactics may have overcome the cost/volume trade-off. Borrowing tactics from cloud computing and database marketing, attackers are now engaging in industrial-scale phishing attacks that leverage sophisticated customization and delivery techniques.

This whitepaper dubs these new techniques 'longline' phishing or advanced spear phishing. These attacks have markedly higher penetration rates than the traditional phishing attack. They also have surprisingly high recipient clickthrough rates - higher than 10% in the attacks studied for this report.

* * * * -