{"id":10253,"date":"2025-03-06T20:32:35","date_gmt":"2025-03-06T19:32:35","guid":{"rendered":"https:\/\/ms-advocats.com\/spear-phishing\/"},"modified":"2025-03-06T20:32:35","modified_gmt":"2025-03-06T19:32:35","slug":"spear-phishing","status":"publish","type":"post","link":"https:\/\/ms-advocats.com\/ca\/spear-phishing\/","title":{"rendered":"Qu\u00e8 \u00e9s l&#8217;spear phishing? Com protegir-nos d&#8217;aquest ciberatac?"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_79_2 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Tabla de Contenidos<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 eztoc-toggle-hide-by-default' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/ms-advocats.com\/ca\/spear-phishing\/#1_Spear_Phishing_Un_Delicte_Cibernetic_amb_Consequencies_Legals\" >1. Spear Phishing: Un Delicte Cibern\u00e8tic amb Conseq\u00fc\u00e8ncies Legals<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/ms-advocats.com\/ca\/spear-phishing\/#2_Regulacions_i_Legislacio_Aplicable\" >2. Regulacions i Legislaci\u00f3 Aplicable<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/ms-advocats.com\/ca\/spear-phishing\/#3_Responsabilitat_Juridica_dels_Atacants_i_de_les_Empreses\" >3. Responsabilitat Jur\u00eddica dels Atacants i de les Empreses<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/ms-advocats.com\/ca\/spear-phishing\/#4_Prevencio_Legal_i_Bones_Practiques\" >4. Prevenci\u00f3 Legal i Bones Pr\u00e0ctiques<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/ms-advocats.com\/ca\/spear-phishing\/#5_Com_Actuar_Legalment_en_Cas_dun_Atac\" >5. Com Actuar Legalment en Cas d&#8217;un Atac<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/ms-advocats.com\/ca\/spear-phishing\/#Preguntes_Frequents_FAQ\" >Preguntes Freq\u00fcents (FAQ)<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/ms-advocats.com\/ca\/spear-phishing\/#1_Es_lspear_phishing_un_delicte_penal\" >1. \u00c9s l&#8217;spear phishing un delicte penal?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/ms-advocats.com\/ca\/spear-phishing\/#2_Pot_una_empresa_ser_responsable_si_pateix_un_atac\" >2. Pot una empresa ser responsable si pateix un atac?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/ms-advocats.com\/ca\/spear-phishing\/#3_Com_es_pot_provar_un_cas_de_spear_phishing_legalment\" >3. Com es pot provar un cas de spear phishing legalment?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/ms-advocats.com\/ca\/spear-phishing\/#4_Quines_son_les_millors_defenses_legals_contra_lspear_phishing\" >4. Quines s\u00f3n les millors defenses legals contra l&#8217;spear phishing?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/ms-advocats.com\/ca\/spear-phishing\/#5_Un_bufet_dadvocats_pot_ajudar_empreses_victimes_de_spear_phishing\" >5. Un bufet d&#8217;advocats pot ajudar empreses v\u00edctimes de spear phishing?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/ms-advocats.com\/ca\/spear-phishing\/#Estigues_connectat_amb_MITJANS_ADVOCATS\" >Estigues connectat amb MITJANS ADVOCATS:<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<p data-pm-slice=\"1 1 []\"><strong>L&#8217;spear phishing<\/strong> \u00e9s una de les amenaces cibern\u00e8tiques m\u00e9s sofisticades i dirigides que existeixen en l&#8217;actualitat.<\/p>\n<p data-pm-slice=\"1 1 []\">A difer\u00e8ncia del <strong>phishing tradicional<\/strong>, que envia correus massius a la recerca de v\u00edctimes a l&#8217;atzar, l&#8217;spear phishing <strong>s&#8217;enfoca en objectius espec\u00edfics<\/strong>, com empreses, funcionaris o bufets d&#8217;advocats, amb missatges altament personalitzats que busquen enganyar la v\u00edctima per obtenir informaci\u00f3 confidencial. <strong>Per\u00f2 m\u00e9s enll\u00e0 de ser un problema de ciberseguretat, tamb\u00e9 \u00e9s un tema que pot i s&#8217;ha d&#8217;abordar des del marc legal.<\/strong><\/p>\n<p data-pm-slice=\"1 1 []\">A continuaci\u00f3 et comptem com poder abordar l&#8217;spear phishing des del marc legal, per poder protegir-te correctament en cas que passi.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"1_Spear_Phishing_Un_Delicte_Cibernetic_amb_Consequencies_Legals\"><\/span><strong>1. Spear Phishing: Un Delicte Cibern\u00e8tic amb Conseq\u00fc\u00e8ncies Legals<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>L&#8217;spear phishing \u00e9s una t\u00e8cnica en la qual un atacant es fa passar per una persona o entitat de confian\u00e7a per tal d&#8217;obtenir dades sensibles, com credencials d&#8217;acc\u00e9s, informaci\u00f3 financera o documents legals.<\/p>\n<p>Alguns exemples inclouen:<\/p>\n<ul data-spread=\"false\">\n<li><strong>Correus fraudulents de &#8220;clients&#8221;<\/strong> demanant acc\u00e9s a documents.<\/li>\n<li><strong>Falses sol\u00b7licituds de transfer\u00e8ncia banc\u00e0ria<\/strong> que semblen provenir de socis comercials.<\/li>\n<li><strong>Suplantaci\u00f3 d&#8217; identitat de prove\u00efdors<\/strong> perqu\u00e8 una empresa faci pagaments a comptes fraudulentes.<\/li>\n<\/ul>\n<p>Des del punt de vista legal, aquests atacs poden constituir <strong>frau, usurpaci\u00f3 d&#8217;identitat, acc\u00e9s il\u00b7legal a sistemes inform\u00e0tics i violaci\u00f3 de privacitat<\/strong>, depenent de la legislaci\u00f3 de cada pa\u00eds.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-10218 size-full\" src=\"https:\/\/ms-advocats.com\/wp-content\/uploads\/2025\/03\/pexels-tdcat-193003.jpg\" alt=\"spear phishing\" width=\"640\" height=\"427\" title=\"\" srcset=\"https:\/\/ms-advocats.com\/wp-content\/uploads\/2025\/03\/pexels-tdcat-193003.jpg 640w, https:\/\/ms-advocats.com\/wp-content\/uploads\/2025\/03\/pexels-tdcat-193003-480x320.jpg 480w\" sizes=\"(min-width: 0px) and (max-width: 480px) 480px, (min-width: 481px) 640px, 100vw\" \/><\/p>\n<h2><span class=\"ez-toc-section\" id=\"2_Regulacions_i_Legislacio_Aplicable\"><\/span><strong>2. Regulacions i Legislaci\u00f3 Aplicable<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Diverses normatives nacionals i internacionals regulen el tractament d&#8217;aquests delictes. Algunes de les m\u00e9s rellevants inclouen: <\/p>\n<ul data-spread=\"false\">\n<li><strong>Reglament General de Protecci\u00f3 de Dades (GDPR)<\/strong>: Estableix estrictes normes sobre la protecci\u00f3 de dades personals i obliga les empreses a reportar violacions de seguretat.<\/li>\n<li><strong>Llei de Protecci\u00f3 de Dades Personals (a diversos pa\u00efsos d&#8217;Am\u00e8rica Llatina)<\/strong>: Exigeix mesures de seguretat per protegir la informaci\u00f3 sensible.<\/li>\n<li><strong>Codis Penals nacionals<\/strong>: En molts pa\u00efsos, els fraus cibern\u00e8tics, la usurpaci\u00f3 d&#8217;identitat i l&#8217;acc\u00e9s no autoritzat a sistemes inform\u00e0tics s\u00f3n delictes amb penes de pres\u00f3 i multes.<\/li>\n<\/ul>\n<p>En cas d&#8217; un atac, les v\u00edctimes tenen dret a prendre accions legals contra els responsables, aix\u00ed com exigir compensacions en certs casos.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"3_Responsabilitat_Juridica_dels_Atacants_i_de_les_Empreses\"><\/span><strong>3. Responsabilitat Jur\u00eddica dels Atacants i de les Empreses<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Els atacants de spear phishing poden enfrontar:<\/p>\n<ul data-spread=\"false\">\n<li><strong>C\u00e0rrecs penals<\/strong>: Depenent del pa\u00eds, el frau inform\u00e0tic i la usurpaci\u00f3 d&#8217;identitat poden comportar penes de pres\u00f3.<\/li>\n<li><strong>Sancions econ\u00f2miques<\/strong>: Les multes per violacions a la privacitat poden ser significatives, especialment sota normatives com el GDPR.<\/li>\n<\/ul>\n<p>D&#8217;altra banda, <strong>les empreses tamb\u00e9 poden ser responsables<\/strong> si no prenen mesures adequades de ciberseguretat. Un bufet d&#8217;advocats, per exemple, podria ser demandat si un client pateix perjudicis a causa d&#8217;una filtraci\u00f3 d&#8217;informaci\u00f3 obtinguda per spear phishing. <\/p>\n<h2><span class=\"ez-toc-section\" id=\"4_Prevencio_Legal_i_Bones_Practiques\"><\/span><strong>4. Prevenci\u00f3 Legal i Bones Pr\u00e0ctiques<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Des del punt de vista legal, hi ha diverses estrat\u00e8gies que les empreses i bufets poden implementar per reduir riscos:<\/p>\n<ul data-spread=\"false\">\n<li><strong>Contractes i cl\u00e0usules de seguretat<\/strong>: Incloure obligacions de ciberseguretat en contractes amb empleats i prove\u00efdors.<\/li>\n<li><strong>Pol\u00edtiques internes<\/strong>: Implementar normatives clares sobre la gesti\u00f3 d&#8217; informaci\u00f3 i protocols de verificaci\u00f3 abans d&#8217; executar pagaments o compartir dades.<\/li>\n<li><strong>Termes d&#8217; \u00fas i avisos de privacitat<\/strong>: Assegurar que clients i empleats estiguin informats sobre el maneig segur de dades.<\/li>\n<li><strong>Capacitaci\u00f3 en ciberseguretat<\/strong>: Un gran percentatge d&#8217;atacs passa per error hum\u00e0, per la qual cosa la formaci\u00f3 \u00e9s clau.<\/li>\n<li><strong>\u00das d&#8217; eines tecnol\u00f2giques<\/strong>: Autenticaci\u00f3 multifactor i filtres de correu electr\u00f2nic poden ajudar a prevenir atacs.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-10213 size-full\" src=\"https:\/\/ms-advocats.com\/wp-content\/uploads\/2025\/03\/pexels-burst-374074.jpg\" alt=\"spear phishing\" width=\"640\" height=\"427\" title=\"\" srcset=\"https:\/\/ms-advocats.com\/wp-content\/uploads\/2025\/03\/pexels-burst-374074.jpg 640w, https:\/\/ms-advocats.com\/wp-content\/uploads\/2025\/03\/pexels-burst-374074-480x320.jpg 480w\" sizes=\"(min-width: 0px) and (max-width: 480px) 480px, (min-width: 481px) 640px, 100vw\" \/><\/p>\n<h2><span class=\"ez-toc-section\" id=\"5_Com_Actuar_Legalment_en_Cas_dun_Atac\"><\/span><strong>5. Com Actuar Legalment en Cas d&#8217;un Atac<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Si una empresa o professional \u00e9s v\u00edctima de spear phishing, ha de seguir aquests passos:<\/p>\n<ol start=\"1\" data-spread=\"false\">\n<li><strong>Denunciar l&#8217;atac<\/strong> a les autoritats competents (policia cibern\u00e8tica o fiscalies especialitzades en delictes inform\u00e0tics).<\/li>\n<li><strong>Notificar als afectats<\/strong> i, en cas de regulacions com el GDPR, reportar la filtraci\u00f3 en el termini requerit.<\/li>\n<li><strong>Revisar contractes i responsabilitats<\/strong> per avaluar si existeixen mesures de protecci\u00f3 legal.<\/li>\n<li><strong>Implementar millores en seguretat<\/strong> per evitar futurs atacs.<\/li>\n<\/ol>\n<h2><span class=\"ez-toc-section\" id=\"Preguntes_Frequents_FAQ\"><\/span><strong>Preguntes Freq\u00fcents (FAQ)<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3><span class=\"ez-toc-section\" id=\"1_Es_lspear_phishing_un_delicte_penal\"><\/span><strong>1. \u00c9s l&#8217;spear phishing un delicte penal?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>S\u00ed, en la majoria dels pa\u00efsos l&#8217;spear phishing es considera un delicte de frau, usurpaci\u00f3 d&#8217;identitat o acc\u00e9s indegut a sistemes inform\u00e0tics.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"2_Pot_una_empresa_ser_responsable_si_pateix_un_atac\"><\/span><strong>2. Pot una empresa ser responsable si pateix un atac?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Dep\u00e8n. Si l&#8217; empresa no va prendre mesures de seguretat adequades i aix\u00f2 va provocar perjudicis a tercers, podria ser demandada o sancionada. <\/p>\n<h3><span class=\"ez-toc-section\" id=\"3_Com_es_pot_provar_un_cas_de_spear_phishing_legalment\"><\/span><strong>3. Com es pot provar un cas de spear phishing legalment?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>A trav\u00e9s d&#8217; auditories digitals, registres d&#8217; activitat en sistemes, correus electr\u00f2nics i peritatges inform\u00e0tics que demostrin la suplantaci\u00f3 d&#8217; identitat i el frau.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"4_Quines_son_les_millors_defenses_legals_contra_lspear_phishing\"><\/span><strong>4. Quines s\u00f3n les millors defenses legals contra l&#8217;spear phishing?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Incloure cl\u00e0usules de ciberseguretat en contractes, establir protocols de verificaci\u00f3 d&#8217; identitat, implementar capacitacions i usar eines tecnol\u00f2giques de seguretat.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"5_Un_bufet_dadvocats_pot_ajudar_empreses_victimes_de_spear_phishing\"><\/span><strong>5. Un bufet d&#8217;advocats pot ajudar empreses v\u00edctimes de spear phishing?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>S\u00ed, un bufet especialitzat pot assessorar en la presentaci\u00f3 de den\u00fancies, avaluaci\u00f3 de responsabilitats i en la implementaci\u00f3 de mesures legals preventives.<\/p>\n<div class=\"author-schema\" style=\"margin-top: 10%;\">\n<p><strong>Per consultes pots comunicar-te amb MITJANS ADVOCATS a:<\/strong> <a href=\"mailto:info@ms-advocats.com\">info@ms-advocats.com<\/a> .<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Estigues_connectat_amb_MITJANS_ADVOCATS\"><\/span>Estigues connectat amb MITJANS ADVOCATS:<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li>Website: <a href=\"https:\/\/ms-advocats.com\/\">ms-advocats.com<\/a><\/li>\n<li>On som: <a href=\"https:\/\/maps.app.goo.gl\/odWA6MSoWX17aHa36\" target=\"\" rel=\"noopener\">GOOGLE MAPS<\/a><\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>L&#8217;spear phishing \u00e9s una de les amenaces cibern\u00e8tiques m\u00e9s sofisticades i dirigides que existeixen en l&#8217;actualitat. A difer\u00e8ncia del phishing tradicional, que envia correus massius a la recerca de v\u00edctimes a l&#8217;atzar, l&#8217;spear phishing s&#8217;enfoca en objectius espec\u00edfics, com empreses, funcionaris o bufets d&#8217;advocats, amb missatges altament personalitzats que busquen enganyar la v\u00edctima per obtenir [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":10224,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-10253","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general"],"_links":{"self":[{"href":"https:\/\/ms-advocats.com\/ca\/wp-json\/wp\/v2\/posts\/10253","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ms-advocats.com\/ca\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ms-advocats.com\/ca\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ms-advocats.com\/ca\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/ms-advocats.com\/ca\/wp-json\/wp\/v2\/comments?post=10253"}],"version-history":[{"count":0,"href":"https:\/\/ms-advocats.com\/ca\/wp-json\/wp\/v2\/posts\/10253\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ms-advocats.com\/ca\/wp-json\/wp\/v2\/media\/10224"}],"wp:attachment":[{"href":"https:\/\/ms-advocats.com\/ca\/wp-json\/wp\/v2\/media?parent=10253"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ms-advocats.com\/ca\/wp-json\/wp\/v2\/categories?post=10253"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ms-advocats.com\/ca\/wp-json\/wp\/v2\/tags?post=10253"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}