Skip to content

Spear Phishing: Your Data at Risk

Spear phishing attacks are especially insidious. An attacker targets an employee in an attempt to trick him into releasing confidential data.

These attackers may use your public directory to identify a likely target and send him an “urgent” request ostensibly from a higher-up. An employee who thinks he’s fulfilling a legitimate request can release confidential data before anyone has a chance to prevent it.

There are several techniques that can help prevent embarrassing, and expensive, data loss.

First, every company should educate their employees so that they understand data security. For example, confidential data should never be sent via email. Users should also be aware that email addresses can easily be faked (called spoofing), so any unusual request for data should be verified in person. Employees are the first line of defense against spear phishing attacks.

However, there is always a chance that an employee will be tricked by one of these attacks, so it’s important that you have other lines of defense in place.

Because spear phishing attacks are usually delivered through email, ensure that your company email provides security measures like encryption, address verification, and two-factor authentication.

Encrypting your data will ensure that unauthorized people can’t access it even if they do manage to acquire a file. All confidential data should be encrypted, and employees should be taught how to use encryption technology.

Email address verification will alert, or prevent delivery, of emails from addresses that differ from what they claim to be. Because spear phishing attacks typically rely on spoofed email addresses, this is a critical step in securing company data.

Finally, two-factor authentication will prevent unauthorized access to company email or resources even when a user’s password has been compromised. Because two-factor authentication requires a second authentication, like a pin that is generated by a separate device or texted to a user’s phone, a hacker will still be unable to access the user’s account.

It’s important to work with a security professional to assess individual company needs and find and fix vulnerabilities. Please contact us to arrange for a consultation.

a close up of a radio with the time displayed

Why You Need a UPS in Your Network Equipment

Apart from securing your computer network against breaches, it is advisable to ensure that the network hardware is plugged into a UPS (uninterruptible power supply) system.

the word rules spelled with scrabble tiles

What Are The Three Rules of HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) lays out three rules for protecting patient health information, namely: The Privacy

wheel house it logo

Let's Start a Conversation

Fill out the form below and a member of our team will contact you within 10 minutes. (Mon-Fri 8am-6pm EST)

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Let's Start a Conversation

Rory from wheel house IT

Call (954) 474-2204, option 2 to speak with a representative.

Send us an email at

Or contact us by form below:

"*" indicates required fields

This field is for validation purposes and should be left unchanged.