You’ve heard of phishing scams where hackers try to steal your personal info, but what about spear phishing? This email-spoofing attack tends to target members of organizations or people who have things in common with the goal of stealing sensitive information. These attacks are quite similar to regular phishing scams. The primary difference is that spear phishing targets groups of people rather than random individuals. These folks may all work at the same company, shop at the same stores, or bank at the same financial institution. The emails the scammer sends are made to look like they’re from the common link. They will take victims to a site made to resemble the real website. How they work – the scammers hack into the employer, bank, or retailer’s database first. It’s necessary to have details like their name and contact information in order to fool their targets. The email from the scammer will contain very plausible excuses for the victim to provide their personal information at a real enough looking website. When the victim clicks the link and enters their password, pin, or other details it’s over. The crooks have their information and identity and if they embedded malicious code into their website they could keep stealing from you even if you realize the mistake and change your passwords.

Stay safe by following the FBI tips on spear phishing:

- Keep in mind that reputable companies and organizations don’t ask for personal information via email. If you get something questionable, call the company at their main number. Don’t use any contact information from the questionable email.

- Never follow a link to a secure site from an email, always enter the URL manually to make sure that’s where you actually end up.