Targeted attacks are often directed at organizations by way of spear-phishing emails. In this context, the term “targeted attack” typically refers to any type or form of computer-based attack and/or campaign that is specifically targeting one or more organizations. For example, a criminal hacker may send an email to an employee of a company with the intent of obtaining certain confidential and/or private information. In this example, the email may disguise and/or portray the criminal hacker as a friend, colleague, and/or business associate of the employee and/or the company.
Unfortunately, the employee may be unable to determine that the email is a scam. As a result, the employee may click on a link and/or open a file included in the email, thereby enabling the criminal hacker to gain access to the employee's computer. By gaining access to the employee's computer, the criminal hacker may collect confidential and/or private information, such as credit card numbers, bank account numbers, passwords, identification information, and/or financial information. In this way, the criminal hacker may be able to successfully infiltrate the company and/or carry out his or her targeted attack without the company's computer security detecting any suspicious and/or malicious activity.
The instant disclosure, therefore, identifies and addresses additional and improved methods, systems, and apparatuses for detecting and preventing targeted attacks.