How cybercriminals harvest information for spear phishing by Anastasiya Gridasova.
From the post:
In analyzing targeted attacks over the past decade, we continually find a recurring theme: “It all started when the victim opened a phishing e-mail.” Why are spear-phishing e-mails so effective? It’s because they are contextualized and tailored to the specific victim.
Victims’ social networks are often used as a source of information. Naturally, that leads to the question: How? How do cybercriminals find these accounts? To a large extent, it depends on how public the victim is. If someone’s data is published on a corporate website, perhaps with a detailed biography and a link to a LinkedIn profile, it’s quite simple. But if the only thing the cybercriminal has is an e-mail address, the task is far more complicated. And if they just took a picture of you entering the office of the target company, their chances of finding your profile in social networks are even lower.
…
A quick but useful introduction to gathering social data for spear phishing. The more experience you gain at spear phishing, the more sources you will add to those mentioned here.
Just as an observation: Detailed biographies of management teams for large institutional investors (think oil pipelines and the like) are published online and in a number of other sources.
BTW, to avoid being taken in by a phishing email, don’t use links sent in email. Ever. From any source. The act of copying them for use will direct your attention to the link. Or it should.