Spearphishing Boils Down to Basic Social Engineering

While spearphishing attacks may employ various tactics and tools, they all rely on the same underlying human weaknesses to achieve their goals, according to Asaf Cidon from Barracuda Networks. Cidon appeared on the CyberWire’s Hacking Humans podcast last week, where he discussed his company’s research on spearphishing and social engineering.

Social Engineers Earn a First

A study by nonprofit research company Jisc and the UK’s Higher Education Policy Institute (HEPI) found that 100 percent of spearphishing tests against universities were able to gain access to sensitive data within two hours. The tests targeted students and staff members at 173 institutions.