Iconix Acquires Exclusive Rights to IP Portfolio of Brandmail Solutions

ICONIX, Inc., the industry leader in visual email solutions, announced today that it it has acquired exclusive rights to the intellectual property portfolio of Brandmail Solutions. This acquisition provides Iconix with technology that will enable rapid, large-scale deployment of services that visually identify legitimate messages, thus protecting users and brands from phishing attacks and increasing user engagement with email. "With the recent wave of data breaches and increased spear-phishing threat to consumers and enterprises, the need for a simple, intuitive indicator of trusted email is greater than ever," said Jeff Wilbur, vice-president of marketing at Iconix.  "The Brandmail technology dovetails [...]

Spear-Phishing a Major Concern — IID Survey

Internet ID ("IID") recently released a survey on concerns about spear-phishing. IID surveyed a large government organization, major online brands, and large and small banks.  The survey revealed that because of recent breaches, many are concerned about spear-phishing .  More than 85% of respondents acknowledged some concern about spear phishing, with 33% saying that they are “extremely concerned.” There are two types of spear-phishing, each requiring a specific solution. The first type of spear-phishing occurs when the criminal deceives consumers by masquerading as a trusted sender.  A recent example of this scam was the fake email offering HSBC customers tickets to Wimbledon.  [...]

2017-01-07T17:35:27+00:00June 23rd, 2011|Iconix Truemark Service, SP Guard, spear phishing|

HSBC Customers Phished

Naked Security reports on a phishing scam directed at customers of HSBC. Scammers sent out emails which offered the email recipient free tickets to the Wimbledon matches. In order to claim the prize, the attached form had to be completed. The email has some clear signs of being real.  HSBC really sponsors Wimbledon and HSBC really runs a contest to meet Tim Henman.  Unfortunately, the email isn't from HSBC, there are no free tickets and if the form is completed, the recipient's identity is stolen. Naked Security reminds us to always be suspicious of unsolicited emails from your online bank - [...]

2017-01-07T17:35:27+00:00June 17th, 2011|Iconix Truemark Service, Phishing|

International Monetary Fund Infiltrated — Spear-Phishing

Bloomberg is reporting that the International Monetary Fund ("IMF") has been infiltrated, probably by a spear-phishing attack.  Spear-phishing is a scheme of deception in which the perpetrator uses personalized information about the email recipient to heighten the perceived value of the email's call to action, thereby inducing the recipient to take detrimental action.    Bloomberg reports that a large quantity of data, including documents and emails, had been compromised.  The Bloomberg article cites one IMF memo which said that the IMF had disconnected its network connection to the World Bank as the result of the attack. Bloomberg reports that on June 1, 2011, [...]

2017-01-07T17:35:27+00:00June 13th, 2011|SP Guard, spear phishing|

Spear Phishing Examples

The recent compromise of the email accounts of U.S. Government officials has been widely reported.  As the New York Times reported, these emails appeared to come from trusted colleagues.  The content was consistent with what was expected from real emails.  Because of the apparent source of the emails and the relevant content, the recipient was deceived into taking compromising actions.  How hard is it to create a compelling email?  What do these spear-phishing emails look like?   We find the answer at contagio, where several examples of these malicious emails are posted.  Here are two: The first example shows how the content was [...]

2017-01-07T17:35:27+00:00June 10th, 2011|SP Guard, spear phishing|

FBI Investigates Spear-Phishing

On Thursday, June 2, 2011, Secretary of State Hillary Clinton said that the FBI would investigate Google's accusation that Gmail accounts were hacked by China. Secretary of State Clinton Addresses Spear-PhishingThe New York Times cites Lt. Col. Gregory Conti, a computer security expert at West Point  as saying that the  momentum is on the side of the attackers.  He observed that it is becoming harder and harder to detect fraudulent emails because the bad guys were able to gather so much information about their targets from the Internet, particularly from social networks like Facebook.    “What’s ‘wrong‘ with these e-mails is very, [...]

2017-01-07T17:35:27+00:00June 3rd, 2011|SP Guard, spear phishing|

Google says hackers based in China accessed U.S. officials’ Gmail accounts

Today it has been widely reported that gmail accounts of U.S. Goverment officials were accessed by hackers.  The Washington Post reported: Google said Wednesday that personal Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists, had been exposed. Google traced the origin of the attacks to Jinan, China, the home city of a military vocational school whose computers were linked to a more sophisticated assault on Google’s systems 17 months ago. The two attacks are not believed to be linked. The security blog contagio first reported on this problem on February 17, 2011.  The [...]

2017-01-07T17:35:28+00:00June 2nd, 2011|SP Guard, spear phishing|