Black & Gold Blog

Fraud Prevention Series: How to Avoid Spear Phishing, the Most Successful Scam

August 8, 2023

You’ve heard of phishing, the internet scam of sending emails and messages pretending to be a reputable company in order to trick you into divulging your personal information, such as passwords and credit card numbers. But are familiar with the new practice of “spear phishing”? It’s quickly becoming the most successful form of fraud and acquisition of confidential information and now accounts for 91% of all scam attempts.

So, what is spear phishing and why is it successful? Spear phishing is a personalized scam that attempts to steal sensitive information from its victims by acquiring personal details in order to pretend to be a friend, employer, or retailer they might frequent. The goal of spear phishing, like regular phishing, is still to glean passwords, personal data, credit card information, or to infect the targets’ device with malware.

Phishing vs. Spear Phishing

To explain the difference between these two scams, we will use the real-life example of fishing.
Regular phishing is like fishing with a net. Phishing scammers send generic messages to large quantities of people to increase the chance of catching victims.

Spear phishing, on the other hand, is like fishing with a single fishing pole. Spear phishing focuses on individual victims and relies on carefully researching their targets so that the attack appears to be from a trusted source. It uses social engineering to appear legitimate and deceive its victims.

What to Look Out For

Here is a list of the most common indicators that an email or message you have received is fraudulent.

The email address is incorrect
The message has an unusual sense of urgency or panic
There are spelling or grammar mistakes
It contains suspicious links with spelling mistakes or that don’t match the domain name
It includes suspicious attachments
It asks for confidential information like your username and password or credit card info

How to Avoid Spear Phishing Attacks

There are several ways you can avoid being taken advantage of by spear phishing

Be wary of all emails and messages you receive asking for personal information
Use spam filters and change browser settings to prevent fraudulent websites from being displayed
Change your passwords on a regular basis, and never use the same password for multiple accounts
Never submit confidential information on forms embedded in or attached to email messages
Update and maintain anti-virus software to block fake websites and authenticate legitimate banking and shopping sites

If you believe the email or message you received might be a spear phishing attack, you can also always check with the person or organization that the message claims to be. Verifying the sender is always the safest way to avoid falling victim to a spear phishing scam.

Reminder: Oakland University Credit Union will never call you asking for personal or sensitive information. Please notify us if you receive a suspicious call, email, or text message from someone claiming to be from OU Credit Union. To learn more about signs of fraud, visit oucreditunion.org/securitycenter.

Tags: Fraud Prevention Series, Tips and Tricks, Security

About OU Credit Union

Hi! We're Oakland University Credit Union. Founded in 1937, we've grown to become the largest university-based credit union in the world. Every post is written by employee experts who want to help you achieve your financial dreams. Our mission is to provide superior service while assisting members and employees to achieve financial security, their goals, and ultimately, their dreams.

Learn More