Google and Facebook were victims of a spearphishing scam in which the attacker stole $100 million. Paragraph 6 of the indictment details some of the allegations: ... as part of the scheme, fraudulent phishing emails were sent to employees and agents of the Victim Companies. The emails purported to be from employees and agents of Company‑1 [the real supplier], but in truth and in fact, they were not sent or authorized by employees or agents of Company‑1. The fraudulent emails were sent from email accounts that were designed to create the false appearance that they were sent by employees and agents [...]
According to TAPintoNewark, the online newspaper in Newark, Jersey, someone is shaking down the City of Newark for 24 Bitcoin (about $30,000) in a ransomware attack. How did this happen? TAPintoNewark explains: The RSA-2048 malware typically infects a user's computer when they are tricked into running an attachment in a spam email. Once the malware is launched, it encrypts files and requires a "private key" to open them. The private key is only provided after the user pays the ransom. Why would a user open an evil email and then run an evil attachment? Because the email is a carefully crafted work [...]
SC Media is reporting that the cybercriminals known as the Callisto Group have been targeting the UK Foreign Office. SC Media reports that the unknown attackers are seeking to steal information regarding European foreign and security policy from military personnel, government offices, think tanks and journalists. The targets are concentrated in Eastern Europe, the South Caucasus, Ukraine and the U.K. The tool of choice -- Spearphishing.
This week's Patch Tuesday brought a Microsoft Word patch to fix a particularly nasty exploit used by bad guys to compromise your system. The traditional attack progresses through eight steps: 1. Email bypasses defenses, delivered to inbox. 2. User sees email. 3. User opens email. 4. User sees attachment. 5. User opens attachment. 6. User sees active content prompt. 7. User enables active content. 8. Evil activated. The exploit eliminated steps 6 & 7. Using the exploit, the attacker was able to install tools merely by the user opening the attachment, without the user enabling the active content. As soon as the user opens [...]
The United States indicted four Russians for compromising over 500 million Yahoo! user accounts. So, how did they do it? In an interview with Ars Technica, the FBI said that the hackers gained access to Yahoo!'s systems using ------ Spearphishing!
In the W-2 phishing scam, the bad guy sends an email pretending to be an executive requesting the firm's payroll tax data. In the business email compromise, the bad guy sends an email pretending to be an executive sending wire transfer instructions. The IRS is warning about a new scam that combines the W-2 scam and the business email compromise into a merged scam. According to KrebsOnSecurity: “This is one of the most dangerous email phishing scams we’ve seen in a long time,” IRS Commissioner John Koskinen said. “Although not tax related, the wire transfer scam is being coupled with [...]
Lloyd’s of London (the insurance company) and the University of Cambridge Centre for Risk Studies did a study estimating the losses that could result from a cyberattack on the power generation system of the United States. The study estimates that the cascading failures that could result from a cyberattack on the U.S. power grid could result in losses of over $1 trillion. What triggers the losses in this study? A spearphishing email. Could such a thing really happen? It already did in Ukraine. In December of 2015 someone used a spearphishing email to seize control of a power grid in [...]
Yesterday the FBI and DHS released their joint report on the compromise of the Democratic Party during the 2016 Presidential Elections. The report blames the Russians for the cyber incidents that the Democrats suffered. It is worth noting how the Russians compromised the Democrats. Spearphishing. All the dirty work presented in the FBI/DHS report was made possible by spearphishing. The report summarizes the attacks with this graphic: The critical path of the attack goes through Recipient who must perform Step 4 "Clicks on link and enters credentials." What this report skips over is what occurs between Step 3 "Sent To" [...]
On December 13, 2016, The New York Times reported new details of the cyberattack on the Clinton Presidential Campaign. At the center of the attack was a spearphishing email to John Podesta, the campaign manager, that started the chain of events which compromised the Clinton Presidential Campaign.
Jeh Johnson, Secretary of Homeland Security, and Cyrus Vance, Jr., the Manhattan District Attorney, recently spoke at a security conference in New York City. Fortune reported on the event. At the event, Secretary Johnson reiterated his long-standing warning about the perils of evil email that appears to come from a trusted source. Secretary Johnson observed, The most devastating attacks by the most sophisticated attackers almost always begin with the simple act of spear-phishing. District Attorney Vance echoed the Secretary's observations, Phishing—mundane as it is—is the biggest threat we face and need to tackle. Bad guys [...]