Lateral Movement: Spear Phishing Detection and Intelligent Response
Attacker Objective: Access Critical Applications
Threat Type: Lateral Movement
A small group of employees at a petroleum refining giant were targeted by a sophisticated spear phishing campaign aimed at stealing credentials to access important information and applications.
The targeted nature of spear phishing makes it especially dangerous because, most often, an organization does not become aware of compromised credentials until they’re already being used by bad actors. This is because the people being “phished” willingly click on malicious links or provide credentials to attackers who have become extremely adept at spoofing emails to look legitimate. With so much information about a person’s professional and personal life publicly available online, it’s increasingly easy for attackers to deceive their targets.
However, while spear phishing attacks vary based on the attacker and the target, there are certain tactics, techniques and procedures (TTPs) common in almost all attacks of this nature. For example, even targeted campaigns are rarely isolated to a single user, so once an email is delivered, a small number of users will typically “take the bait” and click on a link.
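The pattern described above, a link that reaches several users and is clicked by a small number of them shortly after delivery, can be hunted for in web-proxy logs. The following Python is an added example, not Awake's detection logic or code from this page; the log format, the baseline set, the thresholds and the function name are assumptions, and the sample records are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample proxy records: (timestamp, user, domain). Not real data.
PROXY_LOG = [
    ("2024-03-04T09:02:11", "alice", "intranet.example.com"),
    ("2024-03-04T09:15:40", "bob",   "login-portal.example.net"),
    ("2024-03-04T09:40:02", "carol", "login-portal.example.net"),
    ("2024-03-04T10:05:27", "dave",  "login-portal.example.net"),
    ("2024-03-04T10:06:00", "dave",  "login-portal.example.net"),  # repeat visit
    ("2024-03-04T09:30:00", "erin",  "news.example.org"),          # single user
    ("2024-03-04T09:00:00", "frank", "vendor.example.org"),
    ("2024-03-04T17:00:00", "grace", "vendor.example.org"),        # outside window
    ("2024-03-04T11:00:00", "bob",   "mail.example.com"),
]
# Assumption: domains already seen in the environment before the hunt period.
BASELINE_DOMAINS = {"intranet.example.com", "mail.example.com"}

def find_click_clusters(log, baseline, window=timedelta(hours=2),
                        min_users=2, max_users=5):
    """Return {domain: sorted users} for domains absent from the baseline that a
    small group of distinct users first visited within `window` of the earliest
    visit. The upper bound separates a small cluster of clicks from a site
    that is simply new and broadly popular."""
    first_visit = defaultdict(dict)  # domain -> {user: earliest visit time}
    for ts, user, domain in log:
        if domain in baseline:
            continue
        t = datetime.fromisoformat(ts)
        seen = first_visit[domain].get(user)
        if seen is None or t < seen:
            first_visit[domain][user] = t

    clusters = {}
    for domain, visits in first_visit.items():
        start = min(visits.values())
        users = sorted(u for u, t in visits.items() if t - start <= window)
        if min_users <= len(users) <= max_users:
            clusters[domain] = users
    return clusters

if __name__ == "__main__":
    for domain, users in find_click_clusters(PROXY_LOG, BASELINE_DOMAINS).items():
        print(f"review {domain}: first visited by {', '.join(users)}")
```

Each flagged domain gives responders the list of accounts whose credentials should be treated as potentially exposed.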