Highly targeted instances of phishing - so called ‘spear phishing’ - are on the rise according to senior security figures who met recently to discuss the current security challenges facing large businesses. Perhaps wise to the fact that many PC users now know not to give out bank details over email, criminals have instead turned their attention to targeting specific members of staff with highly targeted and highly tailored phishing messages.

Security chiefs taking part in the workshop warned that criminals appear now to be gathering both personal and professional information about a member of staff and developing tailored emails which fool the recipient that they are from a trusted source.

Criminals are increasingly targeting Board-level company directors in the hope of releasing Trojans and gathering sensitive company information or they are targeting junior staff.

Participants revealed that spear phishing criminals often target junior staff with invitations to download free - but contaminated - media onto their MP3 players. Devices that are then plugged into work machines containing sensitive data.

Have other companies experienced an increase in spear phishing and if so, what are they doing to minimise the risk and educate users about the threat?