Did the President send you an electronic Christmas card? Really? Well, it turns out that criminals spent the holidays impersonating the President of the United States in a clever phishing scheme.
Like all phishing schemes, this one appealed to the recipients’ desires, fears and curiosity to get the recipients to act. Relying on the fact that people would be inclined to open a message from the President, these bad guys were able infect computers in a handful of U.S. government agencies, the Massachusetts State Police and the Moroccan Ministry of Industry. The compromised computers appear to have sent information to servers in Belarus. Alex Cox, principal research analyst at NewWitness, said that this phishing attack appeared to be espionage.
If the smart guys at the National Science Foundation’s Office of Cyberinfrastructure (the agency that issues grants for the development of state-of-the-art supercomputers and other high-end development) can be fooled by a fake email, what chance do the rest of us have?
Fortunately, we have eMail ID. I do get email from the President. I know it is real:
When you get an email from the President, you, too, can know it’s real. Know who. No doubt. Use eMail ID.
Iconix - Email IFF 
[…] you have very limited information upon which to apply the “Think” step. Is an email Christmas Card from the President too good to be true? Government officials around the world, including those at the United States […]
[…] may remember reports of a spies infiltrating Canadian government and U.S. government computers using carefully crafted highly targeted phishing emails. Now the French government has […]
[…] Examples include the attack on the French Finance Ministry, the government of Canada and the government of the United States. In these government attacks, the purpose was espionage, not identity theft. Epsilon’s data […]