Spear Phishing Remains Preferred Point of Entry in Targeted, Persistent Attacks

Persistent targeted attacks against the government, financial services, manufacturing and critical infrastructure take on many characteristics. Attackers can have different backgrounds and motivations, and the tools they use can range from commodity malware to zero-day exploits.

One characteristic that's consistent throughout most of these campaigns against high profile organizations is the initial means of infiltration - spear phishing.

Nine times out of 10, attackers walk into an organization right through the front door of its Exchange Server, crafting convincing email messages purportedly from a trusted source that either trick the victim into opening an infected attachment or visiting a website where credentials are stolen, or malware is surreptitiously installed on the visitor's machine. In any event, the first wave of the targeted attack kicks off from a lowly email

read the rest