Use of Spear Phishing Exercises to Increase Security Awareness

Author:
Allen M. Smith, Nancy Y. Toppel
File Size:
328.69 kB
Date:
01 July 2010
Downloads:
2828 x

Spear phishing, targeted e-mail that attempts to extract sensitive information without authorization, is a growing concern for individuals who need to protect their personal information and companies that need to safeguard their intellectual property. Technical controls on networks and systems cannot totally prevent spear phishing e-mail from reaching users’ e-mail inboxes, thereby requiring the e-mail recipients to understand how to recognize spear phishing attempts. To underscore the risks and importance of handling spear phishing e-mail appropriately, a security awareness method with immediate impact is needed.

Use of Spear Phishing Exercises to Increase Security Awareness