Hackers are not just hackers anymore; they have become hacker-spies. In the cybercriminal world, hacking has advanced to spying, and spear phishing is the potent weapon used in cybercrime.
The skill and sophistication of hackers have increased over the years. Nowadays, malware, ransomware, botnets, and DDoS attacks are being offered as SaaS (Software as a Service). Hence, hackers need not be technical experts themselves, nor do they need to write the code required for hacking.
Hackers are now employing the techniques used by spies and intelligence agencies to obtain or steal information. With the widespread use of social media, even a moderately skilled hacker can obtain a wide range of personal information about anybody who is quite active on social platforms – Facebook, Twitter, Quora, Instagram, etc. Plenty of personal information, as well as the characteristics of a person, can be studied through their social media interactions.
On social networks, plenty of personal information is shared – name, names of family members, pets, phone numbers, email addresses, photos, etc. This is plenty of material for a hacker-spy to plan out ways to conduct a cyber attack on that user.
Armed with considerable information about the habits of the victims, hacker-spies plan and execute targeted spear phishing campaigns. These mails appear legitimate and seem to come from someone the user already knows. The latest mails are also well written, unlike the earlier mails with typos, broken English, etc.
There have been instances of corporate finance officers receiving mails from their CEO or other superior officers asking them to transfer funds to a specific account. As this mail appears to come from the authorized person, the finance officer would hardly have any doubt and would perform the transaction. An antivirus solution will also not detect this as malware. Users in such positions must be educated to identify such bogus mails.
While the above-mentioned scenario is one type of instance, hacker-spies usually send mails with malicious attachments or links. Opening the attachment or clicking on the link would lead to installation of malware. Some sophisticated malware acts quite subtly and is difficult for traditional antivirus programs to detect. The only way it can be detected is to have a robust antivirus solution with real-time antivirus scanning, which would observe unnatural or unauthorized activity of the malware.
There is a wide variety of cyberthreats, and in many cases education is what is needed to stay protected from them. There are many who argue that an antivirus is not effective against zero-day threats. But not all threats are zero-day malware. An effective and updated antivirus solution is definitely a necessity, as it removes malware and keeps away hacker-spies.