01455 247 830
07897 001 247
Back to targeted cyber attacks

What is a spear phishing attack?

According to the National Cyber Security Centre phishing traditionally describes malicious emails that are sent out in large quantities in the hope that eventually one will arrive in the inbox of someone who happens to use that bank, or has just made a purchase at that online retailer, or is just having a bad day, and they click. However, spear phishing is where the phisher has targeted a specific person or organisation and has spent time to create an email containing enough accurate information to make them click.
You may also hear the term whaling, which is a type of spear phishing that targets a 'big phish', typically business directors, board members or those with access to information that would be tempting to a phisher.

How can you defend against a spear phishing attack?

The National Cyber Security Centre recommends a multilayer approach to defending against phishing attacks, including spear phishing. Rather than relying solely on users ability to spot phishing emails, they suggest that technical measures should also be included. 

They split their recommended defences into four layers:


Make it difficult for attackers to reach your users


Help users identify and report suspected phishing emails


Protect your organisation from the effects of undetected phishing emails


Respond quickly to incidents

A full summary of their multi-layered approach to phishing defences is outlined below. 
If you would like advice on how to implement a multilayered approach to prevent phishing impacting your business, please contact us today and our helpful team will be more than happy to talk you through the various options available to your business.

The National Cyber Security Centre

The National Cyber Security Centre website, www.ncsc.gov.uk, is a great resource and contains helpful information on how to recognise and report emails, texts, websites, adverts or phone calls that you think are trying to scam you.
Learn More About Phishing

Concerned that you might be the victim of a cyber attack?

Call us nowMore Info

IT3000 Limited

At IT3000 we are an ISO 9001 and ISO 27001 accredited Midlands and South West based IT support/ managed services provider who specialise in providing IT support and services to organisations nationwide. Our extensive help desk team, as well as offices in Leicestershire and Dorset allow us to work with a wide variety of companies across the UK.
Join Our Mailing List
Copyright © 2023 IT3000 Limited
IT3000 Limited, The Barn, Bridge Farm, Holt Lane, Ashby Magna, Lutterworth, Leicestershire, LE17 5NJ
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram