(April 16 & 17, 2008)
A spear phishing attack emerged this week targeting high-level executives at US firms. The emails, which include the executives' names and other specific information, appear to be subpoenas from the US District Court in San Diego. The link, which is supposed to be a copy of the subpoena, actually installs malware on the victim's computer that is capable of logging keystrokes and sending the harvested information to the attacker. An additional piece of malware allows the attacker to take remote control of the victim's computer. Phishing attacks that target corporate "big fish" have been referred to as "whaling."
NY Times
The Register
Computerworld
[Editor's Note (Honan): As these "whaling" attacks are becoming more prevalent, you should ensure you make your senior management aware of this threat. Reviewing their profiles on online business networks and Googling their names is one way of highlighting to them the amount of personal information they are leaking which could be used against them.]
I guess there is a certain amount of satisfaction when 'the bosses' get conned, evidenced by calling this whaling, but the truth remains that social engineering is still the easiest way to penetrate an organisation or a computer. And anyone can fall prey to this attack vector.
This attack is obviously more sophisticated than those that simply fire off thousands of anonymous mailings claiming to be from a bank that you may or may not use. However, in this case, the rewards for a successful attack are also much higher as the targets are likely to have more valuable information on their computers.
It's also an important heads-up. One of the easiest ways to recognize a phishing attack is the generic nature of the mailing. This case highlights that the presence of specific information about the target in a message is no reason to assume that it's legitimate. It's now important to also know what information about yourself is publicly available.
And that means that you have a legitimate excuse to indulge in a bit of ego-surfing... go on, Google is your friend.