Did the President send you an electronic Christmas card? Really? Well, it turns out that criminals spent the holidays impersonating the President of the United States in a clever phishing scheme.
Like all phishing schemes, this one appealed to the recipients’ desires, fears and curiosity to get the recipients to act. Relying on the fact that people would be inclined to open a message from the President, these bad guys were able infect computers in a handful of U.S. government agencies, the Massachusetts State Police and the Moroccan Ministry of Industry. The compromised computers appear to have sent information to servers in Belarus. Alex Cox, principal research analyst at NewWitness, said that this phishing attack appeared to be espionage.
If the smart guys at the National Science Foundation’s Office of Cyberinfrastructure (the agency that issues grants for the development of state-of-the-art supercomputers and other high-end development) can be fooled by a fake email, what chance do the rest of us have?
Fortunately, we have eMail ID. I do get email from the President. I know it is real:
When you get an email from the President, you, too, can know it’s real. Know who. No doubt. Use eMail ID.