Phishing Attacks Have Become Highly Sophisticated



Now phishing attacks have become personal. Very personal. And very frightening.

It’s hard to imagine that it’s come to this already. As if phishing attacks aren’t bad enough, we’ve all been exposed to “spearphishing” attacks – which add a level of information that makes them more likely to get their victims to click on the link bait. Now we’ve got a highly sophisticated, very personalized and downright frightening form of phishing never seen before.

Let’s call it “baitphishing” because the bait is so real, so enticing and so personal that it is almost beyond resistance.

As outlined in this article in TechRadarPro, these “baitphishing” attacks differ from even the most sophisticated spearphishing attacks because they include a lot of information that people would consider very personal. Your name, email address, phone number and maybe even names of personal contacts might be included in this email attack. How do they do it? Think about it – your information is, well, EVERYWHERE. Got a Facebook account? Twitter? LinkedIn? How about Amazon – do you write reviews? Maybe a Strava account with a profile about your running or cycling accomplishments?

Harvesting personal information just isn’t that difficult anymore.  Sophisticated hackers can write code that will scour the various sites, tie the names to the email addresses and add a phone number if it finds one, and then merge it all into an email addressed to you and appearing to be from your boss, your bank or your ex-girlfriend. (Come on – do you really think hackers don’t know who your ex-girlfriend is?  They can read your Facebook rants.) So the email looks so real, so authentic, so tempting, that you just can’t resist the bait (thus my name, “baitphishing”).

Once you click the link it’s pretty much all over. If the link doesn’t take you to a website where your personal information is sought and captured, it might install some malware on your computer that will remain invisible and dormant until the hackers decide to activate it six months from now. It’ll be so long since you clicked on that link that you’ll have totally forgotten about doing it and can’t imagine how someone has taken over your computer, stolen your accounts and ruined your financial life. All because you’ve clicked on the wrong link in a baitphishing email.

This new form of phishing, referred to by the cybersecurity companies that investigate it as “TA530”, is the most nefarious we’ve seen.  It is the most sophisticated form of phishing imaginable and includes frighteningly personal information.  Don’t fall victim to it.  Be careful.  Be alert.  BeCyberAware.



Author: BeCyberAware

Scott Goldman is a veteran of the wireless and Internet industries, holds two cybersecurity patents and is known as a dynamic, entrepreneurial executive with a long track record of successes and thought leadership. He is an independent director on the board of Mueller Industries, a $2 billion Fortune 1000 company and has served on the Audit, Governance and Compensation Committees. Mr. Goldman has traveled to more than 20 countries to assist startups, governments and enterprises in developing, launching, operating and selling technology businesses around the world. He has written two books, hundreds of magazine articles and blog posts and given keynote speeches at major industry events around the world. He has also been interviewed more than 500 times in major print, radio, TV, and webcast media because of his ability to relate complex technical concepts in easily understandable terms. His specialties include executive management, strategic planning, product development, regulatory matters and public relations. He is also an avid cyclist, making time to ride more than 6,000 miles each year. For a detailed look at Mr. Goldman's global activities, career history and accomplishments visit or his YouTube channel:
