Your weekly roundup of the latest infosec news and resources, including a breakdown of what spear phishing attacks are and how to spot them.
SPOTLIGHT ON: SPEAR PHISHING
We all know we should be wary of emails from unfamiliar sources, especially ones with unusual requests or links to offers that seem too good to be true. But what many may not realize is just how good criminals have gotten at crafting seemingly legitimate messages that can even appear to come from people we know and trust.
While the specific cause and strain of ransomware used in the attack is still unconfirmed, researchers believe a targeted email with a malicious Word document attachment may have been responsible for shutting down the hospital's network and costing it $17,000 in ransom. — Invincea
With tax filing season well underway, scammers have a new trick up their sleeves — spoofing emails from a target organization's CEO and asking human resources and accounting departments for employee W-2 information. — Krebs on Security
Having the proper endpoint protection installed will give your users a critical safety net, but teaching them how to spot a phishing or spear phishing email in the first place should be a top priority. — TechRepublic