Kingston Police warn the public of sophisticated spear phishing attacks
Kingston Police are warning the public of another email scam — spear phishing — which can look extremely legitimate, and most often is experienced in the workplace.
“Recently, researchers at a cybersecurity company observed a sophisticated phishing email sent to a foreign diplomat,” Kingston Police said in a media release. “In the email, cybercriminals disguised themselves by using the first and last name of an employee in the diplomat’s IT department. In this case, the diplomat believed that the email was suspicious and forwarded it to the actual employee in the IT department for investigation.”
Kingston Police said that this case is a perfect example of a popular attack called spear phishing. According to the release, spear phishing attacks are targeted at a single person or department that has information that cybercriminals want. In these attacks, cybercriminals conduct research on the specific person or department and figure out who they talk to frequently. Kingston Police said that then the cybercriminals send a message to the person or department, pretending to be someone they know and trust.
“It’s important to watch out for these attacks because they can happen to anyone, not just diplomats or executives,” police said.
Kingston Police provided these tips to stay safe from spear phishing attacks:
- Don’t open attachments or click on links in emails that you were not expecting.
- Check email headers to make sure you recognize the sender and any other recipients.
- Reach out to the person who allegedly sent the email by phone or in person. By reaching out to the alleged sender directly, you could save yourself and/or your organization from a potential spear phishing attack!