Ver
·
Phishing
Phishing
dirigido de forma que se maximiza la probabilidad de que el sujeto objeto del
ataque pique el anzuelo.
An attack where social
engineering techniques are used to masquerade as a trusted party to obtain
important information such as passwords from the victim
ISACA, Cybersecurity
Glossary, 2014
Spear phishing is an e-mail
spoofing fraud attempt that targets a specific organization, seeking
unauthorized access to confidential data. Spear phishing attempts are not
typically initiated by "random hackers" but are more likely to be
conducted by perpetrators out for financial gain, trade secrets or military
information.
As with the e-mail messages
used in regular phishing expeditions, spear phishing messages appear to come
from a trusted source. Phishing messages usually appear to come from a large
and well-known company or Web site with a broad membership base, such as eBay
or PayPal. In the case of spear phishing, however, the apparent source of the e-mail
is likely to be an individual within the recipient's own company and generally
someone in a position of authority.
http://searchsecurity.techtarget.com/
A targeted phishing attempt
that seems more credible to its victims and thus has a higher probability of
success. For example, a spear phishing e-mail may spoof an organization or
individual that the recipient actually knows.
Cybersecurity for Dummies, Palo
Alto Networks Edition, 2014