Spearphishing Link

From RCATs

Attackers may use spearphishing tactics to trick individuals into revealing sensitive information by sending an email with a malicious link. This type of spearphishing, known as "spearphishing for information," is an attempt to trick targets into divulging information, frequently credentials or other actionable information. This type of spearphishing is targeted at a specific individual, company or industry, and the emails contain links accompanied by social engineering text to coax the user into clicking or copying and pasting a URL into a browser. The website may be a clone of a legitimate site or closely resemble a legitimate site in appearance and have a URL containing elements from the real site. From the fake website, the attackers gather information in web forms and send it to themselves. They may also use information gathered from previous reconnaissance efforts such as searching open websites or the victim's website to create convincing and believable lures.