At the June 29th Content Protection Summit EU held by the Content Delivery & Security Association, Chris Taylor, director of the Media and Entertainment Information Sharing and Analysis Center (ME-ISAC), said that spear phishing is fraudulent email that targets a specific organization, while whale phishing targets a specific person at that organisation, such as the CEO or another executive. ME-ISAC is a CDSA initiative.
Either way, 94% of malware is delivered via email, and recipients who click on links in those emails are taken to fraudulent Web sites designed expressly to trick visitors to enter User IDs and passwords. One researcher claims that 70% of newly registered domains are malicious.
Mr Taylor went on to identify five red flags to help recognize phishing email, and what to do when you receive one.
Read full article via MESA
Why it matters
Phishing attacks help spread media piracy, by promoting fraudulent apps that appear legitimate but act as vehicles to implant malware on recipients’ devices, steal personal information, or to steal content received by the device. Innocuous subject lines like “Update available for download” or “Time to change your password” can set the fraudster’s wheels in motion. Phishing emails received at work could also place organizational resources at risk.
“It is more important than ever to detect, educate and defeat phishing attacks on an organisation’s employees and infrastructure, based on the huge number of phishing attacks seen since the start of 2020,” said Mr. Taylor.