Spear-phishing attacks are on the rise in 2020 – Many organisations have changed their working principles due to Covid-19, and they have adopted remote working principles. However, this has brought challenges since the employees can’t reach the IT Security Teams directly. In this blog, I am going to discuss how spear-phishing attacks have risen in 2020.
1 – Why Spear-Phishing Attacks Are on The Rise in 2020?
Due to COVID-19 shutdown, many businesses have confronted solid challenges related to cybersecurity. The employees working at home have been targeted by Cybercriminals using spear-phishing attacks. Cybersecurity specialists warned about an increase in spear-phishing attacks.
Cybersecurity researchers reported that after the lockup, which started in mid-March and was initially pretty quiet, there was a strong uptick in spam and spear-phishing attacks which were very targeted phishing attacks that had never been seen before.
It’s pretty common to see spear-phishing attacks targeted CEO and CFO. But during this time, we’ve seen well-created spear-phishing emails looking absolutely authentic and legitimate.
IT Securities reported that the spam messages were typical spam messages, written and sent randomly, however unlike the spam messages, spear-phishing attacks were well-crafted and organised.
2 – Hackers Use Breached Accounts
Spear-phishing attacks are becoming more dangerous than other phishing attack vectors. The hackers choose to target customers, vendors who have been the victim of other data breaches.
Criminals are using breached accounts. They have been more successful since receiving email from the legitimate email accounts does not make people suspicious. Also, due to many reasons, most of the people don’t pay attention to the link if the source is legitimate. That means breached accounts have done most of the work in spear-phishing attacks.
That creates a new type of third-party risk in which the compromised accounts are known by the hackers, and they are used for legitimate business requests. Today, cybersecurity teams have changed the way they operate because of the new risk.
3 – Verify The Request Step-by-Step
Researchers have reported that when cybercriminals use compromised accounts, this creates a massive third-party risk. Since unlike other phishing attacks, the attacks come from trusted sources and users need to verify every step of the request they receive to avoid the attacks.
Making a phone call after you receive any request is imperative. Keeping in touch with the person who made the requests and verifying every step of the requests prevents the attacks. But you shouldn’t use email to verify the request because a cybercriminal can be using this email to attack. And the cybercriminal can verify himself in that case. Therefore, the best option will be verifying the email using a phone.
4 – Tips to Avoid Phishing Attacks
- Use Multi-Factor authentication to protect your accounts.
- If you get a suspicious email, delete it.
- Beware of links you get with emails. If It’s from an unknown source, do not click on it.
- Pay attention to attachments in emails. If It’s from an unknown source, do not download or open it.
“This post is originally published at www.keepnetlabs.com”

Teknoloji Haberleri
- ByBit Vakası ve Lazarus Grubu: Kripto paraların 2025 yılı zorluklarla başladı2025’in ilk çeyreğinde, kripto para piyasası 197 farklı güvenlik ihlaliyle 1,67 milyar dolardan fazla kayıp yaşadı. ByBit saldırısı ve Lazarus Grubu’nun etkisi tartışmaların merkezinde.
- Tepkisiz itme teknolojisi, fiziksel sınırları zorluyor: Heyecan verici iddialarEski NASA mühendisi fiziğe meydan okuyabileceğini ve Dünya'nın yerçekiminin üstesinden gelebileceğini söylüyor. Charles Buhler, geliştirdiği cihazın elektrostatik basıncı manipüle ederek sürdürülebilir bir itme gücü oluşturduğunu iddia ediyor.
- Çinli markaya ait... 7 bin otomobil taşıyan gemi Türkiye'ye geldiÇinli BYD'nin araç taşıma gemisi "BYD CHANGZHOU", 7 bin araçla Kocaeli'nin Derince ilçesindeki Safiport Limanı'na yanaştı.
- Beyin yakan film Zindan Adası ile ilgili az bilinen 9 detayMartin Scorsese imzalı 2010 yapımı Zindan Adası filmi aradan geçen yıllara rağmen hala internette aranan filmler arasında. Peki, Zindan Adası filminin konusu nedir? İşte Zindan Adası filmiyle ilgili az bilinen 9 detay, filmin konusu, künyesi...
- iPhone 16 almak mı, iPhone 17'yi beklemek mi? Hangisini daha mantıklı?iPhone 17 için beklemek mi, hemen şimdi bir iPhone 16 satın almak mı? Eğer yeni bir iPhone almayı planlıyorsanız, hangisini yapmanız daha mantıklı?