Seculert is reporting that Israeli organizations, including the Civil Administration of Judea and Samaria, have been compromised by spearphishers. The attack emails masqueraded as originating from Shin-Bet, the Israel Security Agency. At least 15 computers were infected with Xtreme RAT, a form of remote access software that opens a back door for the attackers to access systems.
Although the attack messages had clues that the messages were suspicious (suspicious email address, poor grammar), the attack again demonstrates that people processing email in an operational environment are not forensic engineers — people are creatures of habit responding to clues of perceived relevance and urgency. In this attack, the bad guys pretended to be Shin-Bet and sent messages about Shin-Bet’s anti-terrorism work and the passing of former Israeli Prime Minister Ariel Sharon.
Spearphishing Bait
Spearphishers deceive by masquerading as trusted senders. SP Guard from Iconix provides the ability to distinguish real email from spearphishing attacks. Click here to learn more. You can contact us at 408-727-6342,ext 3 or use our online form.