• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Protection of Information Assets

Temple University

Protection of Information Assets

MIS 5206.001 ■ Fall 2023 ■ David Lanter
  • HomePage
  • Instructor
  • Syllabus
  • Schedule
    • First Half of the Semester
      • Unit #1: Understanding an Organization’s Risk Environment
      • Unit #2: Case Study 1 – Snowfall and stolen laptop
      • Unit #2: Data Classification Process and Models
      • Unit #3: Risk Evaluation
      • Unit #4 Case #2: Autopsy of a Data Breach: The Target Case
      • Unit #5: Creating a Security Aware Organization
      • Unit #6: Physical and Environmental Security
    • Second Half of the Semester
      • Unit #8 Case Study 3 – A Hospital Catches the “Millennium Bug”
      • Unit #9: Business Continuity and Disaster Recovery Planning
      • Unit #10: Network Security
      • Unit #11: Cryptography, Public Key Encryption and Digital Signatures
      • Unit #12: Identity Management and Access Control
      • Unit #13: Computer Application Security
  • Deliverables
    • Weekly Deliverables
      • “In the News” Articles
      • Answers to Reading Discussion Questions
      • Comments on Reading Discussion Question and Other Students’ Answers
    • Case Studies
    • Team Project

Question 3

October 26, 2023 by David Lanter 18 Comments

In the contexts of being attacked by or unwittingly becoming a resource for distributed denial of service (DDoS), which is a bigger threat to an organization’s network and computer resources and why: Spam phishing or Spear phishing?

Filed Under: Unit 10: Network Security Tagged With:

Reader Interactions

Comments

  1. Yannick Rugamba says

    October 29, 2023 at 4:25 pm

    When considering spam phishing and spear phishing it becomes evident that spear phishing poses a threat in the context of DDoS attacks targeting a company’s network. What sets spear phishing apart is its targeted nature. The individuals orchestrating these attacks put in effort to craft authentic looking emails. This level of customization increases the likelihood of people falling for the trick clicking on links or inadvertently disclosing information.

    On the hand spam phishing relies more on quantity, than quality. It’s like casting a net and hoping to catch someone. Since it lacks personalization people have become better at spotting and disregarding these attempts thus reducing their impact.

    In summary spear phishing is the concern that demands our attention. It operates stealthily employs tactics and presents a probability of causing substantial problems—especially when dealing with severe issues like DDoS attacks. The best defense strategy involves keeping everyone informed about these threats while ensuring security measures are, in place.

    Log in to Reply
    • Celinemary Turner says

      October 31, 2023 at 3:44 am

      Yes, Yannick, keeping everyone informed is the key. This is a prudent and informed approach to addressing these cybersecurity challenges.

      Log in to Reply
  2. Nicholas Nirenberg says

    October 29, 2023 at 4:39 pm

    Spear Phishing attacks are meticulously crafted, targeting specific employees or departments with personalized messages. These attacks require significant research and effort to tailor the messages, making them resource-intensive for cybercriminals. Moreover, when successful, Spear Phishing attacks can lead to unauthorized access, data breaches, and potentially compromise critical resources such as intellectual property or financial information. While Spam Phishing can consume network resources due to a high volume of emails, the targeted and resource-intensive nature of Spear Phishing makes it a more significant threat to an organization’s resources.

    Log in to Reply
    • Celinemary Turner says

      October 31, 2023 at 4:00 am

      The potential Consequences of Spear Phishing provide a clear understanding of why spear phishing is a more significant threat to an organization’s resources.

      Log in to Reply
  3. Bo Wang says

    October 29, 2023 at 4:50 pm

    I would say Spear phishing may be the a bigger threat to an organization’s network and computer resources. Because It is highly targeted and involves sending carefully crafted emails to specific individuals or organizations whcih can provide attackers with access to the network, potentially leading to DDoS attacks or other advanced intrusions.

    Log in to Reply
    • Yannick Rugamba says

      October 30, 2023 at 7:26 pm

      In my onion, It’s important to mention that even though spam phishing takes a approach and may appear less threatening its large quantity makes it something we can’t ignore completely as it still poses a risk, particularly to users who are not as knowledgeable, about technology.
      Ultimately spear phishing is the concern in terms of DDoS attacks due, to its nature and higher likelihood of success. It’s essential for us to remain alert and implement security measures.

      Log in to Reply
  4. Celinemary Turner says

    October 29, 2023 at 7:06 pm

    Distributed Denial of Service (DoS) is a malicious attack in which an attacker attempts to make a network or computer resource unavailable to its intended users by overwhelming it with requests from multiple computers.

    Spam phishing is a cyber-attack where many unsolicited and deceptive emails are sent to a broad audience. These emails often try to trick recipients into revealing personal information, clicking on malicious links, or downloading harmful attachments.

    Spear phishing is a more targeted and personalized form of phishing attack. In this case, cyber attackers research specific individuals or organizations to trick the recipient into revealing sensitive information or performing harmful actions.

    Because of the tailored and convincing nature of spear phishing emails, they have a higher success rate. Victims are more likely to fall for the scam, potentially leading to significant security breaches.

    Due to spam phishing’s indiscriminate nature, it often has a lower success rate. Many recipients recognize spam emails and know how to refrain from interacting with them.

    Many spam emails are caught by email filters and never reach the recipient’s inbox. With spam phishing attacks, recipients are often more cautious with unsolicited emails, making them less likely to fall for spam phishing attempts.

    Spear phishing emails are often crafted to bypass standard email filters. Additionally, recipients may be more inclined to trust a message tailored specifically to them, making spear phishing harder to detect.

    Successful spear phishing attacks can result in significant financial losses and reputational damage for an organization. While spam phishing can still lead to financial losses and reputational damage, the impact is generally less severe than successful spear phishing attacks.

    In summary, while both spam phishing and spear phishing are significant cybersecurity threats, spear phishing poses a greater risk due to its targeted and convincing nature. It has a higher likelihood of leading to security breaches and compromises of an organization’s network and resources.

    Log in to Reply
  5. Edge Kroll says

    October 29, 2023 at 8:24 pm

    Spearfishing attacks pose a much larger threat in this situation. As in the case of spam fishing, they often send thousands of messages out, which half of the time never even reach their intended target. Spearfishing attacks are much more personal to their target. Therefore they are going to be more likely to target individuals with higher levels of access rather than the average employee who is more likely to be a victim of spam fishing. If these malicious actors are able to successfully complete a spearfishing attack on someone with high-level system permissions it could be potentially devastating for the organization.

    Log in to Reply
    • Celinemary Turner says

      October 31, 2023 at 3:50 am

      The threat posed by spear phishing attacks is due to their personalization and the potential for targeting high-access individuals. It correctly underscores the significant risks involved and the potential impact on the organization’s security and operations. This recognition is crucial for organizations to focus on targeted security measures to mitigate spear phishing threats.

      Log in to Reply
    • Nicholas Nirenberg says

      October 31, 2023 at 12:36 pm

      Hi Edge, I agree with your take. Spearfishing attacks pose a significantly higher threat due to their personalized nature. Unlike spam fishing, which casts a wide net, spearfishing targets specific individuals, especially those with elevated access levels. This focused approach increases the chances of breaching critical systems. If a malicious actor successfully executes a spearfishing attack on someone with high-level permissions, the consequences for the organization could be devastating. It underscores the need for stringent security measures to protect against such targeted threats.

      Log in to Reply
  6. Jon Stillwagon says

    October 29, 2023 at 10:14 pm

    The bigger threat to an organization’s network and computer resources would have to be spear phishing because of its targeted nature. Someone wants to personally target the company to cause harm and do more damage. They specifically want something out of the company and it can be more convincing to the person that could potentially be affected by the spear phishing. The attacker puts more effort into the effect of spear phishing rather than someone who is doing spam phishing which is just sending out multiple and they don’t put too much effort into it. They just hope to catch someone who is not paying attention or hasn’t received the proper training. It would also take more effort to recognize spear phishing because of how detailed it may be.

    Log in to Reply
    • Edge Kroll says

      October 31, 2023 at 5:40 pm

      Hi Jon,
      I agree, Attackers invest much more time and effort into spearfishing making them harder to detect and more likely to deceive their targets. This heightened level of sophistication and the potential for more significant damage make spear phishing a top concern, emphasizing the importance of training and security measures to counteract this threat.

      Log in to Reply
  7. Hashem Alsharif says

    October 29, 2023 at 11:28 pm

    When looking at Spam Phishing and Spear Phishing, they have their similarities. However, they also have key differences, and it’s through those differences we can make a determination which would be a bigger threat to an organization. In regards to Spam phishing, it’s a typical type of phishing where emails are sent to a massive number of people, with the assumption that a small amount will catch the bait. Spear phishing is still phishing, but more targeted. Meaning an email could be sent, but it would be either one or two emails typically with the intention of doing massive damage to the organization. While people responding to spam emails can have negative effects, spear phishing is by far more harmful to an organization. This is because if someone goes out of their way to make a targeted attack, they have plans for worse than just acquiring solely personal information from some people.

    Log in to Reply
    • Eyup Aslanbay says

      October 31, 2023 at 2:23 pm

      Your explanation highlights the nuanced differences between the two, emphasizing the potential dangers of targeted attacks. I agree with you.

      Log in to Reply
  8. Eyup Aslanbay says

    October 30, 2023 at 11:38 pm

    Spam phishing sends fake emails to lots of people, hoping someone will click on links or attachments. If someone clicks on a link, their computer might be used to help in big internet attacks called DDoS. Spear phishing sends fake emails to specific people, like bosses or IT staff. These emails look very real and personal. If a key person is tricked, the hackers might get control of important parts of the company’s network. This can help them in bigger and more harmful DDoS attacks. These emails are more dangerous because they’re very convincing and can give attackers access to important stuff. Between the two, spear phishing is scarier. Because it’s more convincing and can give hackers a way into the important parts of a company. If they get in, they can do bigger and more harmful attacks.

    Log in to Reply
    • Bo Wang says

      October 31, 2023 at 8:58 pm

      Spear phishing is more focused on its target, more secretive, and has a higher success rate. So spear phishing poses an even bigger threat.

      Log in to Reply
    • Hashem Alsharif says

      October 31, 2023 at 10:34 pm

      I agree with the points you made. On the cover, Spam Phishing seems more dangerous because more people are involved, but just because more people are involved, it doesn’t mean it’s more dangerous. Spear Phishing, while it targets more people, the impact it leaves is much worse, and you went into that when you described how these attacks give attackers access to important company information. One thing I’m curious about, is there a number limit for Spear Phishing? at what point is an attack no longer Spear Phishing and it becomes Spam Phishing?

      Log in to Reply
  9. Ooreofeoluwa Koyejo says

    October 31, 2023 at 5:12 pm

    DDoS which stands for Distributed Denial of Service is a malicious cyberattack in which multiple compromised computers, often referred to as a “botnet,” are used to flood a target system or network with an overwhelming volume of traffic or requests. The goal of a DDoS attack is to disrupt the normal functioning of the target, rendering it unavailable to its intended users.

    In the context of DDoS attacks, spam phishing is a bigger threat due to its potential to build a botnet of compromised machines, which can then be used to launch DDoS attacks. However, it’s important to note that both spam phishing and spear phishing are significant cybersecurity threats in their own right, and organizations should have robust security measures in place to mitigate the risks associated with both types of attacks. While spear phishing doesn’t directly contribute to DDoS attacks, it can potentially lead to data breaches, system compromises, or unauthorized access to critical systems

    Log in to Reply

Leave a Reply Cancel reply

You must be logged in to post a comment.

Primary Sidebar

Weekly Discussions

  • Unit 01: Understanding an Organization's Risk Environment (5)
  • Unit 02: Case Study 1 – Snowfall and a stolen laptop (2)
  • Unit 02: Data Classification Process and Models (6)
  • Unit 03: Risk Evaluation (6)
  • Unit 04: Case Study 2 – Autopsy of a Data Breach – The Target Case (4)
  • Unit 05: Creating a Security Aware Organization (6)
  • Unit 06: Physical and Environmental Security (6)
  • Unit 08: Case Study 3 – A Hospital Catches the "Millennium Bug" (3)
  • Unit 09: Business Continuity and Disaster Recovery (6)
  • Unit 10: Network Security (6)
  • Unit 11: Cryptography, Public Key Encryption and Digital Signature (6)
  • Unit 12: Identity Management and Access Control (6)
  • Unit 13: Computer Application Security (6)
  • Welcome (1)

Copyright © 2025 · Course News Pro on Genesis Framework · WordPress · Log in