Seemingly, the practice of "spear phishing
" - like traditional phishing attacks
, but where emails are sent targeted and focused on one end user or organisation at a time - is reaching epidemic proportions.
"After a network has been compromised by a spear phishing attack, the attacker installs malicious software that gathers and extracts sensitive private and corporate data, often sold to third parties or used for identity theft or extortion. Attacks, if publicised, can severely damage an organisation's reputation and degrade customer trust," the study warned.
IT Security professionals have been forced to adapt with new security strategies and protocols to cope with this sharp rise in spear phishing attacks. Some firms are even resorting to launching fake attacks against their own employees to test network security levels.