Thursday, November 15, 2007
Categorized | Interesting articles, Phishing
Spear Phishing
Posted by Reagan Taylor | Thursday, November 15, 2007
Scammers are becoming increasingly more sophisticated; yes, there are those who still pump out the countless faux-prescription drug offers, but some have taken a smarter approach. In a recent ComputerWorld article, Barbara Darrow explored the realm of C-level attackers – the snipers in the SPAM game.
In the article, Darrow explains how Spammers collect company and personal information on upper management – it’s a combination of data from your website and investor relations info combined with personal information from social sites liked LinkedIn. These C-Spammers then create an email that appears to be from the target’s direct report, colleague etc. The goal is to make the message appear to be from someone legitimate, so that the target will open and (unknowingly) deploy the virus/ worm via the included attachment.
According to Darrow, these attacks are on the rise for three reasons:
1) Execs are reading their own emails – rather than depending on an administrative assistant.
2) Emails are often being checked via a hand-held device, which is less secure
3) Social sites are on the rise, and there are more details out there than ever before
To combat these attacks you must first know they exist, other steps include the strengthening of network security (i.e. use the VPN or integrated portal to connect to access the network). Finally, be wary of social networking, you can participate (and benefit) without giving away everything.
Subscribe to:
Post Comments (Atom)
0 Responses to “Spear Phishing”
Post a Comment