13 August 2007

Targeted Phishing


Spear Phishing: A Targeted Attack

Posted August 13th at 12:01 pm | Tags: Catherine Forsythe, data breach, identity theft, phishing, security, spoofing |

from Flying Hamster

One of the common, well known attempts at identity theft is phishing. You may received email asking you to do things like verify your PayPal account or your eBay account. The criminals are casting a wide ‘net’ with broadcast spam to see who will respond. Playing the numbers game, if enough spam is sent out, someone will make the error and carelessly give up their personal information.

Spear phishing is not broad spectrum spamming. It is very specific and targeted. For example, if you received an email from someone from your tech support services asking to confirm your security code, would you do it? The email is addressed directly to you and has your name in the text of the note. A glance at the email address shows that it is a company email. If you send back your security code or password, you may have been ‘phished’ - specifically, you have been ’spear phished’. You were targeted.

Email addresses can be spoofed. And the mention of your name in the text is just social engineering. It is to manipulate you into feeling secure and giving up the information. Obviously, in business, the senior management has access to the sensitive data. One breach there could mean a security problem involving hundreds, perhaps thousands, of files containing information for a staggering number of identity thefts.

The spear phishing is not limited to businesses. It can happen to anyone. An example is the recurring jury duty scam. In this ploy someone may call or write and tells you that you have been negligent in performing your jury duties. You may reply that you did not receive any notification. The hacker then asks you for your social security number to confirm that the documents are indeed yours. And you can guess the rest… it’s spear phishing on a smaller scale.

Obviously, the precaution is to check before giving out any sensitive information. Check thoroughly and then check again. And even then, you may want to say ‘no’…

Catherine Forsythe



Just because it looks and sounds real doesn't mean that it is. If you are uncertain as to the truthfulness of an email contact or a mix of email and telephone contacts, do your own research. Do an internet search for the organization or entity and follow up based upon the contact information that you discover. Check out Rip Off Report. This is a great resource which helps unsuspecting consumers make decisions about suspicious emails or offers.

Another good resource is Fraud Watch International.

Above all, use good judgement. If need be, please respond to this blog on this post and I will take a look at the information you have submitted. While I cannot always be 100% accurate, I will do my best.

Stumble Upon Toolbar

0 comments:

What Words Offend Arabs? The Truth.

Children's Poetry Booklet Recalled After Arabs Complain
(Israeli censorship kowtows to Arabs.
When Will We Tell The Truth Without Fear)

(IsraelNN.com 7 Sivan 5768/June 10, '08) Ynet's web site and Arab complaints against a ten-year-old boy's poem about terrorists has resulted in the recall of all of the Nes Ziona municipality's children's poetry booklets.

Ynet boasts that its coverage of the poem resulted in its being recalled.

The text of the poem (Ynet's translation):

Ahmed's bunker has surprises galore: Grenades, rifles are hung on the wall. Ahmed is planning another bombing!What a bunker Ahmed has, who causes daily harm.Ahmed knows how to make a bomb. Ahmed is Ahmed, that's who he is, so don't forget to be careful of him.We get blasted while they have a blast!Ahmed and his friends could be wealthy and sunny, if only they wouldn't buy rockets with all their money.

Poetry competition director Marika Berkowitz, who published the booklet, was surprised at the protests and told Ynet: "This is the boy's creation and this is what he wanted to express. Of course there should be a limit, but I think the there is no racism here. 'Ahmed' is a general term for the enemy. These are the murmurings of an innocent child."

The Education Ministry told Ynet: "The local authority that published the booklet should have guided the students in a more correct manner through the schools. The district will investigate the issue with the local authorities."
4Torah.com
4Torah.com Search from Pre-Approved Torah sites only
Photobucket
Custom Search

Twitter Updates

    follow me on Twitter