Page 122 - Cyber Defense eMagazine December 2022 Edition
P. 122
The Psychology Behind Spear Phishing Scams
By Dr. Yvonne Bernard, CTO, Hornetsecurity
Criminals are increasingly using fake emails to exploit their victims for financial gain and are
using spear phishing takes the well-known social engineering scam to a new dimension.
Employees training needs to encompass both fast and slow thinking systems to combat this
cyber-attack.
Social engineering has been practiced for many decades, if not centuries! At its core, it's always the same
thing. Fraudsters try to worm their way into gaining the trust of their victims to get them to hand over
money or other assets. A prominent example is the con artist Frank Abagnale, whose story was made
into the 2002 crime comedy "Catch Me If You Can." To obtain cash, he disguises himself as a security
guard and sets himself up at the airport next to a locking system where funds from the ticket counter are
deposited. When Abagnale pins the note "Out of order - please leave with security guard," his uniform
seems so confidence-inspiring that people press the bills into his hand by the dozen.
First: Indiscriminate shipping to many recipients
With the advent of the Internet, new social engineering methods were established, with fraudsters making
contact via fake emails. In classic phishing, large volumes of electronic messages are sent
indiscriminately to countless recipients. The aim of the senders is to trick the addressees into disclosing
confidential information, opening harmful links and attachments, or making payments to third-party
Cyber Defense eMagazine – December 2022 Edition 122
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
