Domain spoofing is a form of phishing where a threat actor creates a fake website or email domain to impersonate a trusted business or individual. Typically, the domain appears to be legitimate at first glance, and the differences may be very subtle and hard to spot (a W that is actually two Vs, a lowercase R and N mimicking an M, or a lowercase L that is actually a capital I). (Credit: Supermicro/Shutterstock)
Phishing attacks have long been a cybersecurity challenge for organizations; today, they are responsible for more than 80% of reported security incidents. According to CISCO's 2021 Cybersecurity Threat Trends report, about 90% of data breaches occur due to phishing. Spear phishing, which is the practice of sending emails that appear to be from a trusted sender in order to induce targets to reveal confidential information, is the most common type of phishing attack, comprising 65% of all phishing attacks.
Perhaps one of the reasons for the proliferation of these attacks is that phishing campaigns are relatively easy and cheap to conduct due to automation. Today, spear phishing can require manual efforts, but is becoming easier with the abundance of personal data that is available publicly today. Tomorrow, we can expect seeing automated and personalized spear phishing campaigns driven by AI (artificial intelligence).
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
- Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
Already have an account? Sign In Now
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
