In corporate world being more vulnerable to phishing scams, is really a matter of serious concern. Phishing, one of the most general type of cyber rackets and theft encompasses the act of attempting to acquire vital personal data such as passwords, credentials and financial statements.

In the corporate world, the technical argot ‘spear-phishing’ implies the attempts directed at sourcing information concerning specific individuals or companies w.r.t their personal or official information.

“Just like a fisherman uses a spear to target a single fish, spear-phishing targets select individuals.'”


In spear-phishing attacks, emails are sent with custom content which tries to lure the recipient to click on the embedded links in the email.

Spear-phishing is targeted at senior officials in a company who are expected to have access to sensitive information.

Spear-phishing continues to be one of the fastest growing mechanisms of online fraud.



How to avoid spear-phishing?

For employees:

Protect your computer with strong security software and make sure to keep it up to date. Hackers have databases containing millions of email addresses. They target vulnerabilities in email applications and web browsers. Employees shouldn’t be allowed to download free screen savers and other freebies.

For IT managers:

Companies should implement strong anti-spam and anti-phishing policies and should prove to be an early adopter of new technologies. The people should be educated through periodic interventions. Social network sites and other vulnerable sites should be disabled from corporate networks and provided authorized access only to authorized groups to curb phishing at the workplace.