Criminals phish for CEOs via fake subpoenas
If you're going to cast your line, aim for the leviathan
IDG News Service - Panos Anastassiadis didn't click on the fake subpoena that popped into his in-box on Monday morning, but he runs a computer security company. Others were not so lucky.
In fact, security researchers said that thousands have fallen victim to an e-mail scam in which senior managers such as Anastassiadis are told that they have been sued in federal court and must click on a Web link to download court documents. Victims of the crime are taken to a phony Web site where they are told they need to install browser plug-in software to view the documents. That software gives the criminals access to the victim's computer.
This type of targeted e-mail attack, called "spear phishing," is a variation on the more common "phishing" attack. Both attacks use fake e-mail messages to try to lure victims to malicious Web sites, but with spear phishing, the attackers try to make their messages more believable by including information tailored to the victim.
The e-mail sent to Anastassiadis, CEO of Cyveillance, included his name, the company's name and even the correct phone number, said James Brooks, director of product management at the security vendor. "Given the nature of our business, he suspected something right away and forwarded it to our operations center."
However, VeriSign Inc.'s iDefense division has tracked more than 1,800 victims who clicked on the message. "This is probably one of the largest spear-phishing attacks we've seen to date in terms of number of victims," said Matt Richard, director of iDefense's Rapid Response Team.
VeriSign said the criminals behind this scam may be the same ones who launched an attack last month that used fake e-mails that appeared to be from the Better Business Bureau. And the U.S. courts have been warning computer users for years now of an ongoing scam where victims are told that they have failed to show up for jury duty and then asked to enter sensitive information into a phishing site.
"The malware itself is not particularly interesting. It was clever that it went straight to CEOs and it didn't really blast the whole world," said John Bambenek, a security researcher at the University of Illinois at Urbana-Champaign and volunteer at the Internet Storm Center.
"For someone who doesn't know what a legal document looks like, it kind of passes the smell test," he added. "When they see they've been subpoenaed, people panic, and they click on things they shouldn't."
The mail directs the victim to a Web site that ends in "...uscourts.com" and is very similar to a legitimate .gov domain used by California courts, Bambenek said. The Web server delivering the malware is based in China, while the computer that then controls the victim's computer is based in Singapore.
- The Truth About Cloud Security "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception?
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!