Cisco Email Security Appliance X1070 White Paper
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
White Paper
Targeted Phishing
Email is the medium most organizations have come to rely on for communication.
Unfortunately, most incoming email is unwanted—or even malicious. Today’s modern
spam-blocking appliances have little problem sorting the vast majority of
unsophisticated spam campaigns, leaving end-user inboxes filled with only legitimate
email. That’s in spite of the fact that more than 87 percent of incoming mail consists of
spam or abusive messages, according to the Messaging Anti-Abuse Working Group
(MAAWG).
To get around advanced antispam technology, online criminals are becoming more dangerous and sophisticated.
In addition to enticing a spam recipient to buy a dubious product, more lucrative phishing attacks seek to glean
users’ personal information, such as names and addresses, and even login information for their banks. Although
the number of such phishing emails being sent is still relatively low, it is increasing, and the danger for intended
victims is high. As Internet users become more adept at detecting clumsy attempts to phish personal information,
spammers are selectively phishing smaller and smaller demographics with content that appeals specifically to each
group. This form of highly targeted, socially engineered email is called targeted phishing,
or “spear phishing,” and can fool even the savviest of Internet users.
Trends and Solutions
Since the late 1990s, phishing emails (messages designed to fool the recipient into revealing personal information,
such as login names and passwords) have been flooding email inboxes. The phishers—the
online criminals who create emails that mimic messages from well-known online services
or legitimate companies—typically send out
millions of emails at a time, in hopes of stealing the online banking or other login names and passwords of even
just a few recipients.
The trend continues today, but phishers have improved their game. Emails are media rich with the correct business
logos, have proper spelling and grammar, and often use URLs leading to websites that mimic the institution
targeted.
The Growth and Payoff of Targeted Phishing
A growing percentage of email-borne attacks are targeted phishing attacks, where a specific organization, or group
of individuals, is singled out. The targets receive cleverly crafted phishing messages that are designed to solicit a
deeper level of personal data, such as login and password information that can grant access to corporate networks
or databases filled with sensitive information. In addition to soliciting login information, targeted phishing emails can
also deliver malware: for instance, keystroke-logging programs to track everything the victim types.
Targeted phishing costs online criminals more time and money than traditional phishing campaigns. The scammers
need to rent or steal lists of valid email addresses for a target organization, or group, and then create plausible
emails that are likely to lure their recipients into supplying personal data. However, when targeted phishing
succeeds, it has the potential for a bigger payoff, making the investment worthwhile.