The phishermen normally send out a lot of bait (spam) in the hopes of hooking a few phish.
Over the last week and a half, spam messages purported to be from the Internal Revenue Service and the Better Business Bureau have been specifically targeting senior-level corporate executives with phishing scams.Spear phishing is simply a more focused form of phishing, which uses more personal touches, such as a person's real name, and or title.
Experts say these targeted phishing attacks, sometimes called "spear phishing," are nothing new, but they illustrate that spammers are getting more adept at targeting sophisticated email users who have access to the most sensitive data within their companies.
With all the information plastered over the Internet, or available for sale; it isn't hard for phishermen to get what they need (personal information) to go spear phishing.
Many private companies and government organizations recognize the danger phishing poses in the workplace. To counter this, and raise awareness; they are phishing their own employees.
Recently, I did a post about this, which revealed more employees fall for this, than many would like to admit:
Technology alone isn't going to stop phishermen and other cyber ghouls on the Internet
There seems to be more and more phishing out there, which might be inspired by DIY (do it yourself) kits being sold over the Internet. DIY kits make it easy for not very sophisticated criminals to become expert phishermen.
The only good news about phishing is that with a little awareness, most people can spot this activity, because the phishing ploy doesn't make much sense, or is too good to be true.
CIO News story, here.
BBB Alert, here.
IRS Alert, here.