May 10, 2012

As traditional methods of breaching computer security have been mitigated by both user and organizational efforts to keep machines safe, a new and common method of defrauding users is through fraudulent emails. It is so common that it has developed a name: Spear Phishing. And the ones going ‘fishing’ for your private and sensitive data are determined and have done their research on how to trespass via your email to fool you into giving up financial information (and therefore money in some cases), your company's trade secrets and competitive advantages, and military or government data.

Email phishing scams from unknown, untrusted sources have been so publicized that most users know how to spot and abort them before any information is compromised. But this new Spear Phishing employs tactics that make it more likely the user will fall victim. The emails appear to come not only from a trusted source, but often from someone in your own company, a superior in many cases, or from a close relative. The subject line will often be relevant to current projects or developments within the company, or may relate to family history. The violation occurs when the user opens the email, clicks on the attached link, and only then learns that trojans or malware have been downloaded.

We train our customers to only open emails and attachments from trusted sources, ones they are certain are legitimate. Spear phishing succeeds in manipulating users into releasing confidential information for three reasons:

- The source appears to the user to be known, trusted, and one that the user has frequent correspondence with
- The verbiage used in the subject reinforces the impression that the source is legitimate
- The information requested seems to make reasonable sense to the user considering the ‘source’

An example of spear phishing would be an email that appears to come from a specific, known network or IT person within your company. It prompts you to log in with your employee name and password. Upon doing so, malware is downloaded. More threatening is that it only takes one employee to fall victim to an attempt like this: once the perpetrator has that employee's user name and password, s/he can access great amounts of company data using that access.

To protect yourself against such scams, if you are not expecting an emailed request for specific information, do NOT respond or act without first contacting the ‘sender’ by telephone and verifying that the email is legitimate. You may also check the origin of the email in the “From” or “Reply-To” headers. If the address shown is not one used within your company, or is not associated with the name of the person ‘supposedly’ sending it, then it's most likely a scam. Do not just delete these emails. Report them immediately to your IT department or your computer support contacts.
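The header check described above can be automated as a triage step. The following is an added example, not code from the original post or from ECS IT Solutions Partners; the company domain (`example.com`), the staff directory, and the three sample messages are all constructed placeholders. It parses the “From” and “Reply-To” headers and flags an address outside the company domain or a display name whose address does not match the directory entry for that person.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed assumptions (not from the original post): the company's mail
# domain(s) and a tiny directory mapping lowercased display names to the
# address that person is actually known to use.
COMPANY_DOMAINS = {"example.com"}
DIRECTORY = {"jane smith": "jane.smith@example.com"}


def domain_of(addr):
    """Return the lowercased domain part of an email address, or '' if none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def suspicious_header_findings(raw_message, company_domains=COMPANY_DOMAINS,
                               directory=DIRECTORY):
    """Return a list of findings describing why the From/Reply-To headers
    look inconsistent with a genuine internal sender. An empty list means
    the headers passed these checks (it does not prove the mail is safe)."""
    msg = message_from_string(raw_message)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    _reply_name, reply_addr = parseaddr(msg.get("Reply-To", ""))
    findings = []

    # The visible sender address is not on a company domain.
    if from_addr and domain_of(from_addr) not in company_domains:
        findings.append("from_address_external")

    # Replies would be routed somewhere outside the company, even if the
    # From header looks internal.
    if reply_addr and domain_of(reply_addr) not in company_domains:
        findings.append("reply_to_external")

    # The display name belongs to a known colleague, but the address behind
    # it is not the one the directory has for that person.
    known = directory.get(from_name.strip().lower())
    if known and known.lower() != from_addr.lower():
        findings.append("display_name_mismatch")

    return findings


# Constructed sample messages for demonstration.
LEGIT_MESSAGE = """From: Jane Smith <jane.smith@example.com>
To: bob@example.com
Subject: Q2 budget figures

Bob, can you send me the Q2 numbers when you have a moment?
"""

SUSPECT_MESSAGE = """From: Jane Smith <jane.smith@example.org>
Reply-To: it-helpdesk@example.org
To: bob@example.com
Subject: Action required: verify your account

Please log in using the link below to keep your access.
"""

REPLY_TO_ONLY_MESSAGE = """From: Jane Smith <jane.smith@example.com>
Reply-To: jane.smith@example.org
To: bob@example.com
Subject: Urgent: wire details

Send the updated bank details by reply, please.
"""

if __name__ == "__main__":
    for label, raw in [("legit", LEGIT_MESSAGE), ("suspect", SUSPECT_MESSAGE),
                       ("reply-to-only", REPLY_TO_ONLY_MESSAGE)]:
        print(label, "->", suspicious_header_findings(raw) or "no findings")
```

These two headers are set by the sender and are trivially forged, so a clean result only means the obvious mismatches are absent; a message that passes should still be verified by telephone as the post advises, and a message that fails should be reported rather than deleted.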


ECS IT Solutions Partners