“Reply to” phishing emails with no attachments and no links are another type of phishing attack that anti-spam and antivirus filters often do not detect. This is due in part to filters’ use of simple “bag of words” techniques that look for emails containing words that typically indicate spam, such as “Viagra,” “cash,” and “you have won.” This technique works well at catching spam but does not effectively differentiate phishing from legitimate emails, since many phishing emails are drafted to look like legitimate ones.
Even with phishing, not all emails are created equal. People are least likely to fall for high-volume phishing campaigns claiming to come from well-established organizations such as large banks and the IRS. Targeted spear phishing messages directed at small groups, such as employees of a particular department or even individuals, tend to be more effective at fooling recipients. These campaigns have been used to initiate many of the high-profile security breaches in the past couple of years, as well as low-profile attacks on smaller organizations.
Want more information? Go to: http://wilsontechgroup.com/category/news