Targeted email attacks, often known as spear phishing, are one of the most prevalent threats to businesses today. The nature of these attacks makes them difficult to detect – many are sent to just to one or a handful of contacts in a chosen company. Even more so, the emails themselves are often so convincing that even the savviest users can be fooled.
Using information found online, and in some cases through in-depth research, someone you’ve never met can masquerade as a colleague with confidence. Major brands are imitated constantly in counterfeit messages. The real trouble however comes from the intent of these attacks – delivering malware and stealing information.
How skilled do you think you are in detecting phishing emails? We’ve created an interactive quiz to put that to the test. Give it a shot here:
How did you do? When we first released this quiz to security professionals at the RSA Conference earlier this year, the average accuracy rate was only 70%. The truth is, identifying a well-crafted spear phishing email is extremely difficult on your own. Missing just one malicious email in a real-life scenario means malware has the chance to infiltrate your network and attempt to steal data.
This tactic is so effective, that experts in the industry have found it to be the main entry point for nearly all successful attacks on business networks:
“95% of all attacks on enterprise networks are the result of successful spear phishing”
– Allen Paller, Director of Research, SANS Institute
Vigilance alone is just not enough. A combination of skilled employees and security technology is the best approach to defending against phishing. McAfee has made strides in its email security technology with the addition of the Gateway Anti-Malware engine (used by ClickProtect, a feature of McAfee Email Protection) and McAfee Advanced Threat Defense – both capable of detecting the malicious payloads that hide within targeted email attacks. Learn more about our email security technology here.
We created this quiz with several objectives in mind. First, we wanted to highlight the significance of spear phishing as a leading tactic in cyber-attacks. Awareness is the first step to prevention. Additionally, everyone needs to play a part in keeping their own organization safe – so we’re trying to educate participants on what to look out for in their own inbox. Finally, we want to show security professionals how they can use advanced technology to protect their most sensitive information. Each can play a role in keeping businesses secure.
Take the chance to help out a colleague – share this quiz and elevate their phishing IQ.