Computer networks on which sensitive electronic information is stored are susceptible to attacks by intruders hoping to gain access to that information. In a specific type of attack known as a spear-phishing attack, an intruder obtains detailed personal information about a particular person that has access to the sensitive electronic information or whose computer, if compromised, can serve as an entry point into the computer network.
Conventional approaches to combating spear-phishing attacks include automated filtering tools used in an email server. Such tools identify known sources of spear-phishing attacks and block malicious communications used in such attacks. For example, if it is known that a particular IP address was used in a spear-phishing attack, then an administrator can adjust rules of the automated filter to block any data packets which have that IP address as the source IP address in their header.
In a corporate network, conventional approaches to combating spear-phishing attacks include educating employees of the corporation that owns the network about recognizing a spear-phishing attack. For example, officials of the corporation can train employees to watch for unsolicited emails containing detailed personal information.