Spear phishing is on the rise—because it works. Cyber criminals have moved from broad, scattershot attacks to advanced targeted attacks like spear phishing. This has proven to be highly effective with serious consequences to victim organizations, requiring enterprises to find a way to more effectively combat evolving threats.

In this white paper, you will find:

  • An overview of spear phishing and its characteristics
  • A case study on spear phishing
  • Key capabilities organizations need to effectively combat spear phishing threats

Spear Phishing Attacks: Why They are Successful and How to Stop Them

Complimentary White Paper


There’s been a rapid and dramatic shift from broad, scattershot attacks to advanced targeted attacks that have had serious consequences for victim organizations. Some of the most famous advanced targeted attacks, such as the attack on RSA, on HBGary Federal, and Operation Aurora all used spear phishing. The increased use of spear phishing is directly related to the fact that it works, as traditional security defenses simply do not stop these types of attacks. This paper provides a detailed look at how spear phishing is used within advanced targeted attacks. It will provide an overview of spear phishing, its characteristics, and a notable attack case study. Finally, the paper looks at the key capabilities organizations need in order to effectively combat these emerging and evolving threats.

Generally speaking, ‘phishing’ emails are exploratory attacks in which criminals attempt to obtain victims’ sensitive data, such as personally identifiable information and/or network access credentials. These attacks open the door for further infiltration into the network. Phishing typically involves both social engineering and technical trickery to deceive victims into opening attached files, clicking on embedded links, and revealing sensitive information...

To read more, complete the form to the right.

Download the White Paper
© 2015 FireEye, Inc. All rights reserved. Privacy Policy. FireEye on Facebook    FireEye on Twitter    FireEye on LinkedIn    FireEye Blog: Malware Intelligence Lab