NSA Used In Spearphishing Scam
Cyveillance reports on a new spearphishing scam that masquerades as the National Security Agency. The malicious email claims to be from the NSA and exploits the recent compromise of the RSA two factor authentication token to deceive the recipient. This is an image of the scam email: Cyveillance elaborates on the power of this scam: The sender name is spoofed to appear to come from “protection@nsa.security.gov” and the links go to national-security-agency.com, a domain that was just registered yesterday. This attack is a perfect example of how deeply spear-phishers understand the psychology of social engineering users. It invokes the authority of a respected [...]