Cyber criminals are now using sophisticated social engineering techniques to target employees and trick them into handing over funds and divulging sensitive corporate data.
The attacks start with in-depth electronic surveillance of a company and its employees. Cyber criminals gather information from publically-available resources such as social media, corporate blogs and company websites, as well as through more devious techniques such as spymail. They then use the collected information to create targeted outreach to employees in the form of emails or even phone calls in an attempt to steal funds, disable corporate networks, steal sensitive data and hold companies hostage. The industries that are most at-risk include legal, healthcare and government because of the sensitive information they possess that can be used for identity theft, insider trading, blackmail, etc.