Please fill in the form below to subscribe to our blog

Why You Should Be on the Lookout for Spear Phishing & How to Spot It

August 25, 2022

Spear Phishing is a Gateway to Disaster But Awareness Reduces Risk


A flood of phishing has been swamping businesses, with a record 1 million phishing attacks logged by the Anti-Phishing Working Group in Q1 2022. That wave of phishing attacks isn’t all just cybercriminals casting wide nets to catch as many victims as they can. While most cyberattacks are opportunistic, some are not. Sometimes cybercriminals take care to craft especially believable, personalized lures that target specific victims, from individual executives to employees of a particular organization – and narrowly focused spear phishing attacks can be a devastating weapon to use against a business.  


See cybercrime trends & the results of thousands of phishing simulations in The Global Year in Breach 2022. DOWNLOAD IT>>


Cybercriminals love spear phishing 


Phishing is a longtime cybercriminal favorite for launching everything from ransomware attacks to credential compromise attempts. Spear-phishing emails are a tool utilized by an estimated 65% of cybercrime groups when they carry out targeted cyberattacks. While it is significantly more complex and requires more skill than run-of-the-mill phishing, spear phishing remains a frequently used and devastating threat to companies. This attack type came in eighth place in the U.S. The Internal Revenue Service’s “Dirty Dozen” scam threats list as a major risk to businesses.  

Cybersecurity professionals know all too well that the pace of phishing attacks that they have to handle isn’t going to go down anytime soon, and spear phishing attempts are the most dangerous of those threats that their organizations face. In a Dark Reading survey, 54% of cybersecurity professionals reported phishing as their second biggest security worry, up significantly from 31% in 2021. Phishing and spear phishing are only overtaken by ransomware, the threat that IT pros worry about the most. However, it’s important to remember that spear phishing and ransomware go hand in hand since phishing is the primary vector for ransomware attacks against businesses. 


Finding the fix for your security & compliance training challenges is easy with our buyer’s guide! GET YOUR GUIDE>>


10 Spear phishing red flags to look for 


Learning to spot a spear phishing attempt is critical. Be alert for the presence of these red flags that can indicate that an email message is actually a spear phishing attempt.  

  1. A Weird Subject Line 

Phishing messages often have odd subject lines like “Warning”, “Your funds has…” or “Message is for a trusted”. If the subject or pre-header of the email contains spelling mistakes, usage errors, unexpected emojis or other things that just don’t quite seem normal, it’s probably phishing.  

  1. An Unofficial Domain 

Check the sender’s domain by looking at the email address of the sender. A message from a major corporation is going to come from that company’s usual, official domain. For example, If the message says it is from [email protected] instead of [email protected], you should be wary.  

  1. Sender Misrepresentation 

Bad actors often impersonate seemingly trustworthy or official sources like an employee of a trusted company, a colleague, a senior executive or a government entity in order to give the recipient a false sense of security about the legitimacy of the message. Stay alert for signs that a sender may not be who they seem. 

  1. A Clunky Greeting 

If the greeting of an unexpected message seems different from a typical business format, that’s a big red flag. Is it generic when it is usually personalized, or vice versa? Anomalies in the greeting are red flags that a message may not be legitimate

  1. Bad Word Choices, Spelling & Grammar 

This is a hallmark test for a phishing message and the easiest way to uncover an attack. We all make occasional spelling or grammatical errors, but a message riddled with them is probably phishing. If you only remember one red flag from this list, make it this one. 


Read case studies of MSPs and businesses that have conquered challenges using ID Agent solutions. SEE CASE STUDIES>>


  1. An Odd Presentation or Style 

Small variations in style can be indicators of big trouble. Beware of unusual fonts, colors that are just a little off, logos that are odd or formats that aren’t quite right. This is another key indicator of spoofing and an easy way to spot phishing. 

  1. Suspicious Links 

Hovering a mouse or finger over a link will usually enable you to see the path. If the link doesn’t look like it is going to a legitimate page, don’t click on it. If you do accidentally click on a suspicious link, close the page and do not provide any information. 

  1. Unexpected Attachments 

Bad actors frequently use PDFs or files that look like normal Microsoft files to do their dirty work. Almost 50% of malicious email attachments that were sent out in 2020 were Microsoft Office files. The most popular formats are the ones that employees regularly exchange every day — Word, PowerPoint and Excel — accounted for 38% of phishing attacks. Archived files, such as .zip and .jar, account for about 37% of malicious transmissions. Never download or interact with an unexpected attachment.  

  1. It Seems Too Good to Be True 

If you receive an unexpected message that promises you some benefit from clicking a link, downloading something or filling out a form, be suspicious. Everybody wants to win a prize or get something for free and bad actors know that, so they often use this technique to trick victims into turning over personal information, financial data or their credentials. 

  1. A Gut Feeling 

If anything about an unexpected message seems a little bit off, trust your instincts. Don’t interact with the message any further and report it to an administrator immediately. That gut feeling could be the thing that stops a business from falling victim to a phishing-related cyberattack


Go inside nation-state cybercrime to get the facts and learn to keep organizations safe from trouble! GET EBOOK>>


Simulated phishing training dramatically increases an employee’s phishing resistance 


In a report by Microsoft, analysts determined that when employees receive simulated phishing training, they’re 50% less likely to fall for phishing

BullPhish ID provides the tools that IT professionals need to run the right phishing simulations for every group of users, with administration tools and options that make the training process painless for everyone involved. 

  • Choose from a wide variety of plug-and-play phishing simulations, with new phishing simulation kits added every month.  
  • Train your way with fully customizable content including links and attachments to reflect industry-specific threats.  
  • Access a huge library of security and compliance training videos with 4 new videos added every month 
  • Quickly measure retention and see who needs more help with quizzes and easy-to-read progress reports. 

Schedule a demo of BullPhish ID

NEW FEATURE!  Enjoy a major BullPhish ID enhancement, Advanced Phishing Simulations (Drop-A-Phish), that leverages the power of integration with Graphus to eliminate the need for domain whitelisting and ensure 100% campaign deliverability to end users. LEARN MORE>>   



let us help secure you against passwords reuse with contact information and the ID Agent logo on grey.

Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!

LEARN MORE>>


Is your password compromised? Find out in seconds!

USE OUR PASSWORD COMPROMISE CHECKER>>


Book your demo of Dark Web ID, BullPhish ID and Passly now!

SCHEDULE IT NOW>>