Spear-phishing emails targeting energy companies
Posted on 08 April 2013.
Information over-sharing can lead to cleverly executed and dangerous spear-phishing campaigns, warn the US Department of Homeland Security and ICS-CERT.


According to an account in the latest edition of the ICS-CERT Monitor, a (luckily unsuccessful) spear-phishing campaign was recently launched against 11 companies in the energy sector after a list of the attendees at a committee meeting was published on the utility's website.

The list contained the names, work titles, company affiliations and email addresses of the attendees, and that was all the attackers needed. Impersonating one of the people on the list, they sent a specially crafted email to the rest, notifying them about a change of the sender's email address and asking them to click on the attached link to a website serving malware.

The report does not say whether the attacks were unsuccessful because the targeted email recipients recognized the spear-phishing emails for what they were, whether the emails were caught by the organizations' defenses, or whether it was pure luck that the recipients didn't follow the malicious instructions.

Still, the example illustrates perfectly how seemingly innocuous information can be effectively used to mount attacks.

"In order to reduce the likelihood of becoming a victim of spear-phishing attacks, minimize the business-related and personal information on social media Web sites," ICS-CERT advises. "Business-related information could include job title, company email, organizational structure, and project names. If information exists on other Web sites, contact the Web site owner and ask that it be removed."

Spear-phishing has become the preferred initial step of attackers looking to gain a foothold in an organization, as it targets the weakest link in most security chains: the human.








