Spear Phishing Threat Alert

Networking/Security Forums -> Physical Security and Social Engineering

Author: Tom BairLocation: Portland, Oregon USA PostPosted: Sun Oct 02, 2005 10:02 pm    Post subject: Spear Phishing Threat Alert
Latest trend is targeted email attacks trying to lure you in with specific, convincing message content.

A common example of the latest 'Spear Phishing' email text is as follows:

After three unsuccessful attempts to access your account, your Online Profile has been locked. This has been done to secure your accounts and to protect your private information. You may unlock your profile by going to: ...

Although the above appears to be a normal phishing email text, the surprise is in these emails appearing to come from a related source. An example would be the head of IT at your small business sending you this email to warn you about your company account. Would you trustingly click on the link provided in the email without giving a second thought about it?

These emails aimed at smaller groups such as University students, Credit Union members, and smaller businesses are greatly increasing lately. According to IBM's Global Security Index report, intercepted spear-phishing attempts exploded from a mere 56 instances in January 2005 to more than 600,000 cases in June 2005.

Protect yourself by:

Being skeptical of any emails concerning your account information.

Call the named organization sending the suspicious email.

Don't click links in email, navigate to the home page on your own. You may also compare the URLs of both in your browser's Address Window.

Networking/Security Forums -> Physical Security and Social Engineering

output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group