The days of mass mailings have passed now, marketers now target each single customer. Criminals have have also adapted to the new day and age, phishing scam emails are no longer sent to thousands of people. Alternatively, criminals now target individuals with well-crafted messages that are designed to attract to them, a practice called spear phishing.
Once they’ve done the research, phishers will construct their emails. This will include a spoofed email address and will be built to look genuine.
E.g., they may send an email that looks like it came from the organizers of the recent conference, telling the recipient that she won the draw for a new Kindle Fire, and to click a link for more details.
Recently criminals have realized there’s more to gain from a corporate assault but with the same anonymity. Whenever you think of a bank – every time a consumer falls victim to a phishing scam the losses are ring fenced to that one account.
However, if just one employees’ workstation is compromised and the attackers gain a foothold on the inside of the corporate network then that’s a whole new ball game as theoretically that could expose every customer account and more.