• James D. Lynch

Beware of "Spear Phishing"

Phishing is when a scammer sends out e-mail messages in an attempt to scam victims into revealing private information. "Spear Phishing" differs from regular phishing in that the scammer has researched the victim before sending the message. Spear phishers will craft the e-mail to make it seem like they know a lot about the victim in order to increase the odds that the victim will reveal their secret information.


The email, disguised as being from a trusted source, may seek to have victims voluntarily disclose sensitive information such as bank account information, social security numbers, or passwords. For example, the scammer may send an e-mail claiming to be the victim's tax preparer (and the scammer may even use the victim's and tax preparer's real names in the e-mail). The scammer may then make an urgent plea for the victim's social security number.


Alternatively, the e-mail may encourage the victim to open a link or attachment that actually downloads malware onto the computer, such as a keylogger. Once installed, the keylogger secretly records every keystroke typed on the computer, which is then made available to the scammer.


If you receive an e-mail request for sensitive data that appears to be from a trusted source, you should call or text that trusted source in order to verify whether or not the e-mail did in fact come from them.