Professional Documents
Culture Documents
Preventing Successful Spear Phishing Attacks: Defense-In-Depth
Preventing Successful Spear Phishing Attacks: Defense-In-Depth
Attacks
Now, how to mitigate against attacks like this? There is no single approach that will stop this
threat, but here is what you need to do to be a hard target for criminals:
According to the Canadian Anti-Fraud Centre’s (CAFC) latest report, spear-phishing in 2019 was
the number fraud one attack type based on total dollar loss:
Spear Phishing was responsible for over $21 Million in reported losses – the highest of
any fraud category in their report
It also represented the highest loss/attack, at a little over $48,000 per attack.
Spear phishing requires some initial diligence to identify victims, proper scam messaging, and
contextual details to ensure the scam seems real to the victim. So, given the high average loss in
each attack, it’s less likely these are individuals reporting successful scams, but businesses,
being attacked.
It should also be noted that according to the CAFC, they estimate that only 5% of all fraud
cases are reported, potentially multiplying the losses by a factor of 20!
Businesses need educated employees that are savvy to the ways of cybercriminals. Those
organizations that put employees through continual online Security Awareness Training are best
equipped with the knowledge necessary to see through even the most detailed and targeted of
scams, and to protect the organization by failing to fall for the phish – even one that’s designed
for a specific individual, role, or company.