Phishers Are Improving Their Chances of Success with Targeted Attacks
by Paul A. Henry - Vice President of Secure Computing - Monday, 10 April 2006.
More importantly, it was noted that for the past 6 months Banks have seen more and more Phishing emails directed at their own employees. The Phishers appear to have recognized that by limiting the spam emails to employees of the Bank, which reduces the size of the pool of addresses, and by also slowing the rate at which the emails are sent, they could potentially reduce the chances that the Phishing emails would trigger alerts and therefore increase their chances of success. Thankfully, the Banks I have spoken to have already taken a sound, layered approach to security and made the adjustments necessary to fend off this new targeted methodology from malicious Phishers.

Targeted Phishing is an evolution of the art and is easily pulled off:

Creating a list of prospective victims within an organization is easy. Freely downloadable tools like “Atomic Harvester” are available on the Internet that allow anyone to scour web pages and newsgroup postings for email addresses at any given domain (e.g. *@yourbank.com) in order to develop a selection of high-probability targets. Further, inadequately protected mail servers allow a phisher to easily harvest an organization’s entire email address directory by simply using a common command, “Expand”, which returns all of the individual email addresses behind common email group aliases such as allemployees@mybank.com or managers@mybank.com.


The same fine-tuning by malicious hackers that has evolved into Targeted Phishing in the finance sector has also recently occurred at government departments and credit unions, with credit union employees being the selected focus of the Phishing attack targeting the credit union. Again, by targeting a smaller group of email addresses and sending the emails out at a rate that does not trigger common security filter alarms, this new methodology used by Phishers has the potential to dramatically improve their chances of success.
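The effect described above, a small recipient pool and a slow send rate staying under rate-based alarms, can be shown with a short detection sketch that compares a rate rule with a rule counting distinct internal recipients per sender over a long window. This is an added example, not part of the original article; the log format, sender addresses, thresholds and function names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

INTERNAL = "@mybank.com"  # internal domain, taken from the article's example aliases

def sample_log():
    """Constructed mail-gateway lines: '<ISO time> <sender> <recipient>' (assumed format)."""
    t0 = datetime(2006, 4, 10, 8, 0)
    rows = []
    for i in range(15):   # bulk blast: 15 mails in 15 seconds
        rows.append((t0 + timedelta(seconds=i), "bulk@spam.test", f"emp{i}"))
    for i in range(12):   # slow, targeted: one mail every 20 minutes, 12 employees
        rows.append((t0 + timedelta(minutes=20 * i), "alerts@lookalike.test", f"emp{i}"))
    for i in range(12):   # ordinary partner traffic to the same two people
        rows.append((t0 + timedelta(minutes=15 * i), "billing@partner.test", f"emp{i % 2}"))
    return [f"{ts.isoformat()} {snd} {rcpt}{INTERNAL}" for ts, snd, rcpt in rows]

def parse(lines):
    """Return (time, sender, recipient) for mail addressed to internal recipients."""
    events = []
    for line in lines:
        ts, sender, rcpt = line.split()
        if rcpt.lower().endswith(INTERNAL):
            events.append((datetime.fromisoformat(ts), sender.lower(), rcpt.lower()))
    return events

def windows(events, span):
    """Yield (sender, events in the window of length span starting at each message)."""
    by_sender = defaultdict(list)
    for ts, sender, rcpt in sorted(events):
        by_sender[sender].append((ts, rcpt))
    for sender, evs in by_sender.items():
        for i, (start, _) in enumerate(evs):
            yield sender, [e for e in evs[i:] if e[0] - start <= span]

def burst_alerts(events, span=timedelta(minutes=5), max_msgs=10):
    """Rate rule (assumed threshold): many messages from one sender in a short window."""
    return {s for s, w in windows(events, span) if len(w) > max_msgs}

def spread_alerts(events, span=timedelta(hours=24), max_rcpts=8):
    """Breadth rule (assumed threshold): one sender reaching many distinct employees."""
    return {s for s, w in windows(events, span) if len({r for _, r in w}) > max_rcpts}

if __name__ == "__main__":
    ev = parse(sample_log())
    print("rate rule   :", sorted(burst_alerts(ev)))
    print("breadth rule:", sorted(spread_alerts(ev)))
```

On the constructed log, the rate rule flags only the bulk sender, while the breadth rule also flags the slow sender and leaves the ordinary partner traffic alone.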

The BlackHat community is well known for its ability to quickly communicate new ideas for wreaking havoc on the Internet within its population. Hence it is a safe assumption that this new targeted Phishing attack methodology will spread quickly across the Internet.

For individuals that are targeted in these attacks the typical steps to protect yourself from ordinary ID Theft still apply with minor modifications to meet the additional risks imposed with targeted ID theft:
