Spear Phishing: Catching the Big One

  • 3 August 2020
  • 1 reply
  • 1375 views
Spear Phishing: Catching the Big One
Userlevel 7
Badge +48

On deck in our types of phishing series: Spear phishing.

Where most phishing attacks cast a wide net, hoping to entice as many users as possible to take the bait, spear phishing involves heavy research of pre-defined, high-dollar target—like a CEO, founder, or public persona—often relying on publicly available information for a more convincing ruse.

FYI: When the target is sizeable enough, spear phishing is sometimes called ‘whaling.’

 

Landing the Big One

SIM swapping is a type of spear phishing where attackers phish a target’s phone carrier, pretending to be the target, and replacing the SIM card with one of their own. One such case resulted in $24 million of lost cryptocurrency.

 

Download the 11 Types of Phishing eBook

 


1 reply

Userlevel 7
Badge +22

I thought SIM Swapping is when the the attacker pretends to be the target with the phone provider, to obtain a “replacement SIM” For the target’s account, so they can take over the target’s phone number by putting the replacement SIM in their own phone. This let’s the attacker intercept two-factor authorizations now, and they can change passwords and drain accounts.  They do not “replace the SIM card for one of their own.”

Reply