In the past two years a lot the cyber-incidents have one major similarity – they started with a spear-phishing email. Spear-phishing involves very targeted spoof messages where cyber criminals impersonate someone you know, hoping that you will click on a link or open an attachment.
For instance, you get an email from a co-worker who asks you to proofread something. You click the link and you are asked to login to your OneDrive account. But the email really wasn’t from your coworker, it only looked that way. And now the bad guys have your OneDrive credentials.
In the example above it was easy to miss that the message came from firstname.lastname@example.org instead of email@example.com (note that only one letter is different in the domain extension). So take an extra moment to look more closely at the emails you receive and where they are actually coming from. More than 35% of all cyber incidents start with a human error.