Presenter: Sayeed Sajal
Authors: Talmage Shill
Faculty Advisor: Sayeed Sajal
Institution: Utah Valley University
There is an axiom in Computer Security that the weakest link is always humans. For that reason, social engineering is one of the best techniques for breaking into a system. This research focuses on spear phishing, which is a highly targeted form of social engineering. Often, victims receive a carefully crafted email that has been designed specifically to get that person to click on a link, download a file, or expose their credentials. The 2019 Census revealed that 14% of the US workforce works in Healthcare, which is a highly targeted field for malicious hackers. Often, the ransomware We see in the news starts from a spear-phishing attack. This means that at least 14% of the workforce is at risk of being the victim of a phishing attack. Even though some people may consider themselves as not important enough to be hacked, they are the people who are the most susceptible and provide easy initial access into a system. This research will explore how spear-phishing campaigns effectively exploit humans to gain access to a system. In addition, it will explore what tools are available on the market to help create spear-phishing campaigns. Most importantly, the research will provide a simple guide on how to report an attack. By researching how spear phishing is accomplished in many innovative ways, we hope people will be more prepared to identify when they are the victim of a campaign. In addition, we believe that victims will learn what steps they can take to protect themselves from spear-phishing.