Hackers soon learned, for example, that if a worm took advantage of a Windows IIS IV web server vulnerability, the hacker should simply attack only known Windows IIS IV machines. This dramatically reduced the noise and thereby reduced the ability of the internal security community to understand quickly what was going on and develop the necessary countermeasures in a timely manner.
Those involved in Phishing attacks have realized that reducing the tell-tale “noise” from mounting a targeted attack is not rocket science; it is simply a logical evolution. Why risk spamming a mass audience and creating “noise” on the Internet when you can reduce your exposure by simply focusing on a select target group of addresses that have a high probability of success?
Who would be a better candidate for having an account at a bank than perhaps a bank employee?
I had an opportunity to meet with security experts from a number of financial organisations at a conference I was speaking at recently. They noted that in the past year Phishers were actually getting better at writing the emails they used in their attacks. Previously, in many cases the poorly written spam emails from Phishers would quickly blanket an entire country, with a relatively small percentage of recipients having a probability of actually even having an account at the specific bank. The language and grammar were often poor and clearly not written by a native speaker. The large address pool used and the speed at which the emails were being broadcast were easy triggers for filters that would bring immediate attention and alert the internal security community.
The quality of the emails in terms of spelling and grammar, which was previously a dead giveaway, has markedly improved, limiting a previous tell-tale sign of a Phishing email.