Spear-phishing attacks are on the rise in 2020 – Many organisations have changed their working principles due to Covid-19, and they have adopted remote working principles. However, this has brought challenges since the employees can’t reach the IT Security Teams directly. In this blog, I am going to discuss how spear-phishing attacks have risen in 2020.
1 – Why Spear-Phishing Attacks Are on The Rise in 2020?
Due to COVID-19 shutdown, many businesses have confronted solid challenges related to cybersecurity. The employees working at home have been targeted by Cybercriminals using spear-phishing attacks. Cybersecurity specialists warned about an increase in spear-phishing attacks.
Cybersecurity researchers reported that after the lockup, which started in mid-March and was initially pretty quiet, there was a strong uptick in spam and spear-phishing attacks which were very targeted phishing attacks that had never been seen before.
It’s pretty common to see spear-phishing attacks targeted CEO and CFO. But during this time, we’ve seen well-created spear-phishing emails looking absolutely authentic and legitimate.
IT Securities reported that the spam messages were typical spam messages, written and sent randomly, however unlike the spam messages, spear-phishing attacks were well-crafted and organised.
2 – Hackers Use Breached Accounts
Spear-phishing attacks are becoming more dangerous than other phishing attack vectors. The hackers choose to target customers, vendors who have been the victim of other data breaches.
Criminals are using breached accounts. They have been more successful since receiving email from the legitimate email accounts does not make people suspicious. Also, due to many reasons, most of the people don’t pay attention to the link if the source is legitimate. That means breached accounts have done most of the work in spear-phishing attacks.
That creates a new type of third-party risk in which the compromised accounts are known by the hackers, and they are used for legitimate business requests. Today, cybersecurity teams have changed the way they operate because of the new risk.
3 – Verify The Request Step-by-Step
Researchers have reported that when cybercriminals use compromised accounts, this creates a massive third-party risk. Since unlike other phishing attacks, the attacks come from trusted sources and users need to verify every step of the request they receive to avoid the attacks.
Making a phone call after you receive any request is imperative. Keeping in touch with the person who made the requests and verifying every step of the requests prevents the attacks. But you shouldn’t use email to verify the request because a cybercriminal can be using this email to attack. And the cybercriminal can verify himself in that case. Therefore, the best option will be verifying the email using a phone.
4 – Tips to Avoid Phishing Attacks
- Use Multi-Factor authentication to protect your accounts.
- If you get a suspicious email, delete it.
- Beware of links you get with emails. If It’s from an unknown source, do not click on it.
- Pay attention to attachments in emails. If It’s from an unknown source, do not download or open it.
“This post is originally published at www.keepnetlabs.com”

Teknoloji Haberleri
- Sıra dışı bir doğa olayı: Boston'a yağan kırmızı karının ardındaki karanlık gerçekBir sabah uyandığınızda şehrin üzerini kaplayan karın kırmızı olduğunu hayal edin. 1930'larda Boston'da yaşanan bu gerçeküstü olay, aslında Amerika'nın kalbinde patlak veren devasa bir çevre felaketinin uzak bir yansımasıydı.
- ITER Projesi ve süperiletken mıknatıs sistemi: Nükleer füzyonun potansiyeline bir adım daha!Ticari olarak uygulanabilir füzyonun mümkün olduğunu gösterebilecek en önemli çalışmalardan biri son aşamasına yaklaşıyor: Dünyanın en güçlü süperiletken mıknatıs sistemi, ITER projesinin bir parçası olarak yola çıktı.
- Sony, yeni amiral gemisi telefonu Xperia 1 VII'yi tanıtmak için hazırSony, Alpha teknolojisiyle güçlendirilmiş yeni amiral gemisi telefonu Xperia 1 VII'nin lansman tarihini resmi olarak açıkladı. Kamera performansı, güçlü donanım ve klasik bir tasarımla birlikte gelmesi beklenen Xperia 1 VII'nin bilinen tüm detayları içeride!
- Anker Soundcore Sleep A20 İncelemeAnker, Soundcore markasıyla ürettiği kulaklılara bir yenisini ekledi ancak bu kulaklık telefon aramalarına cevap vermek için değil, uyumanızı kolaylaştırmak için tasarlanmış bir uyku kulaklığı. Peki uyku kulaklığı nedir ve Sleep A20 nasıl çalışıyor? İnceledik!
- Galaxy S25 Edge'in tanıtım tarihi belli oldu: İşte ultra ince telefon hakkında bildiklerimizSamsung, ultra ince telefonu Galaxy S25 Edge'in tanıtım tarihini açıkladı. İnce tasarım, titanyum gövde ve yapay zeka destekli kamera sistemine sahip olması beklenen Galaxy S25 Edge, estetikle performans arasında bir denge arayışının ürünü olacak gibi duruyor.