FBI – #1 Attack is Spearphishing

The Los Angeles Times recently posted an interview with Austin Berglas, assistant special agent in charge of the FBI's cyber branch in New York. In the interview, Special Agent Berglas discussed cyber threats against America.  Among the threats he discussed were the vulnerabilities of the banking industry and the stock exchanges.  He observed: Our message always boils down to everybody protecting themselves while on the Internet.... The No. 1 vector of attack for these bad guys is social engineering — the spear phish, the phishing e-mails ... This is certainly good advice - protect yourself from spearphishing.  But how do you [...]

2017-01-07T17:35:18-05:00September 23rd, 2013|SP Guard, spear phishing|

NetTraveler Is Back – Spearphishing Its Way to Data

NetTraveler is command and control software that is secretly installed on networks to steal data. Kaspersky Labs reported on the discovery of this threat back in June of this year. Kaspersky Labs has discovered that NetTraveler is back -- this time using spearphishing emails to target Uyghur activists.  Kaspersky provided this screen shot of an attack email:   The translation of this message is “The spokesman of the WUC made the following statement about the massacre in Karghiliq country. To the kind attention of everyone.”  A message about a local massacre is a strong call to action for Uygher activists.  When the link [...]

2017-05-23T15:01:27-04:00September 20th, 2013|SP Guard, spear phishing|

How To Find Spearphishing Targets – Video Tutorial

In order to send a highly targeted attack email, the attacker needs to identify the target.  How can an attacker identify targets?  The attacker needs names, functions, email addresses.  back | track 5r3 is a hacker tool which gives hackers the power to find those targets. This is a video that shows back | track 5r3 being used to download a list of google employees including their names,  titles, departments, office locations, and email addresses: Of course, a data dump is hard to use, so back | track 5r3 includes a feature to download the targeting data to a spearsheet. Cybersecurity is focused on defending systems. In response, almost [...]

2017-01-07T17:35:18-05:00September 17th, 2013|SP Guard, spear phishing|

News You Can’t Use – Beware of Fake Emails

The press is reporting that cyber attackers are using fake emails about the G20 conference to infiltrate financial, governmental and economic development organizations. No doubt it is interesting to know that bad guys are using fake G20 emails to infiltrate systems. But is that information really useful?  If you tell employees who interact with G20 materials not to open suspicious G20 materials, how do they actually do that?  The bad guys construct messaging and bait that looks real -- the entire purpose of social engineering is to look important, not suspicious.  That is why, even after being warned, the AP reporter [...]

2017-01-07T17:35:18-05:00September 6th, 2013|SP Guard, spear phishing|

Syrian Electronic Army Occupies U.S. Marines (website)

Today the Syrian Electronic Army took over the website of the United States Marine Corps.  This was the new homepage of www.marines.com:   It has yet to be determined how the SEA took over the site.  Historically, the infiltration method used by the SEA is spearphishing. Iconix fights spearphishing. Spearphishers deceive people into making bad email decisions that compromise security. IT needs to help employees make better email processing decisions. That is where SP Guard comes into play. Using SP Guard, IT can determine a list of trusted senders and provide this information to staff in a simple and highly effective manner. You can contact [...]

2018-04-05T13:04:03-04:00September 2nd, 2013|SP Guard, spear phishing|