You’ve probably heard of phishing, but do you know about spear phishing?
Spear phishing is a type of phishing attack that targets certain organizations and even specific people. It’s more difficult to recognize than regular phishing attacks, because the perpetrators take time and effort to focus in on their targets. Spear phishing attempts can be personalized and look authentic. The scammer might try to gain your trust and then ask you to buy gift cards, wire money, or send sensitive files.
What to Do:
- Be cautious. Don’t automatically trust an email message or phone call. Scammers can fake company logos, sender information, and even phone numbers to trick you.
- Don’t give out personal information publicly. Scammers look for ways to make their communications seem more legitimate. For example, a scammer could earn your trust by mentioning something you shared on social media. Limit the personal data you reveal, and don’t assume an email that includes your personal information is genuine.
- Check into emails or phone calls asking for immediate action. Even if an email seems to come from a company you trust, type the company’s website address into your browser or use a known, verified phone number to call back.
To learn more about recognizing and avoiding spear phishing, check out the Spear Phishing Threats training module at https://go.uillinois.edu/securitytraining.
Stay safe, stay secure. Contact firstname.lastname@example.org with questions or feedback.
-Technology Services Privacy and Security Team