Spear-Phishing – The New Spying #4

March 31, 2011

Part of the fall-out from WikiLeaks was the Anonymous.com attack on various organizations.  One of the entities attacked was HBGary, a firm that provides cyber-security advisory services and products to government and industry.  Bloomberg News reports on the contents of some of the 60,000 emails that were stolen from HBGary.  These emails show that spear-phishing is a much larger problem than had been previously acknowledged. Bloomberg reports:

Security experts say that the hackers’ techniques now surpass the ability of even the most sophisticated companies to catch them easily. The e-mails show that hackers routinely bypassed firewalls with so-called spear-fishing e-mails that target executives, tricking the companies’ own employees into downloading malicious software and infecting their own networks.

Bloomberg reports that previously undisclosed spear-phishing attacks have hacked networks of many prominent companies including:

Baker Hughes Inc.
Walt Disney Co.
Sony Corp.
Johnson & Johnson
General Electric Co
Exxon Mobil Corp.
Royal Dutch Shell Plc
BP Plc
Marathon Oil Corp
Morgan Stanley
QinetiQ Group Plc, a London-based defense company
Alliant Techsystems Inc., a smart weapons maker

Bloomberg quotes U.S. Senator Sheldon Whitehouse (D. RI), who chaired a U.S. Senate Select Committee on Intelligence task force on U.S. cyber security in 2010, “We are on the losing end of the biggest transfer of wealth through theft and piracy in the history of the planet.”

Bloomberg also quoted FBI Deputy Assistant Director Steven Chabinsky, FBI  cyber division, who said it would be hard to imagine that the scale of the current range of cyber attacks could grow larger.  “It appears that every industry is being victimized by intrusions.”  Chabinsky observed that “hackers also appear to be widening their targets, stealing information from vendors or contractors that may have strategic data about their clients, including public relations and law firms.”  The hacking of King & Spalding LLP, a large Atlanta law firm, illustrates his point.

Read the entire Bloomberg report at http://www.bloomberg.com/news/2011-03-08/hacking-of-dupont-j-j-ge-were-google-type-attacks-that-weren-t-disclosed.html


IRS Warnings – Tax Tip 2011-58

March 29, 2011

It is tax time again in the USA.  And that is the time for fake emails that pretend to be from the IRS. 

In its recent Tax Tip 2011-58, the IRS advised:

Identity Theft:

It pays to be choosy when it comes to disclosing personal information. Identity thieves have used stolen personal data to access financial accounts, run up charges on credit cards and apply for new loans. The IRS is aware of several identity theft scams involving taxes or scammers posing as the IRS itself. The IRS does not use e-mail to contact taxpayers about issues related to their accounts. If you have any doubt whether a contact from the IRS is authentic, call 800-829-1040 to confirm it.

How could I trust that Tax Tip 2011-58 was real?  Maybe it is a fake warning and the phone number I am supposed to trust is really a criminal.

This is my inbox with Tax Tip 2011-58.

[Image: tax tips email]

In this Outlook display, I see two elements that cannot be faked.  These elements are the Check-lock icon that appears in the listview instead of the standard envelope and the icon that appears just above the message.  I know this is really from the IRS.

You can know who really sent you email, too.  

Know Who.  No Doubt.  Use eMail ID.

Phishing – The New Spying #3

March 18, 2011

You may recall that last month, we wrote about a spear-phishing attack in Canada.  Spear phishing is a very highly targeted email scam in which the email is carefully crafted to entice the specific recipient.  This differs from the now familiar Nigerian millionaire scheme which is based on fooling a very small percentage of a large number of recipients.

New reports from Canada indicate that the attack was not as benign as was initially reported.  It now appears that the hackers used spear-phishing attacks to gain access to confidential information in three departments of the Canadian government:

  • The Defence Research and Development Canada;
  • The Finance Department; and
  • The Treasury Board

The attacks on the Finance Department and Treasury Board — the Canadian federal government’s two main economic agencies— forced these agencies off the internet.

Attacks against the Canadian government were first discovered in 2009 by the Canadian technology group Information Warfare Monitor.  In 2009, Information Warfare Monitor reported that a spy network based mainly in China had hacked into almost 1,300 government computers in 103 countries.

What can you do to protect yourself?  How can you know if an email is real?

[Image: real obama email]

Know who.  No doubt.  Use eMail ID.

Consumers More Engaged With Email

March 11, 2011

According to recent research published by Forrester Research, “Consumer Email Attitudes Improve,” consumers are more engaged with email.

Forrester compared research conducted since 2006 that showed these very important consumer shifts in email attitudes: 

  • Consumers forward promotional email more often: In 2010, 12% of consumers say they sometimes forward promotional email to others, up from the 10% in 2008, and 9% in 2006.
  • Fewer messages deleted without reading: In 2010, 59% of consumers said they delete most email messages without reading them, down from the 63% in 2008 and the 73% in 2006.
  • Integrate email promotions and personal email: Only 10% of consumers say they have a separate email account they use just for receiving commercial email, down from the 15% in 2008. 

You can read more at: http://www.marketingprofs.com/charts/2011/4596/forrester-user-attitudes-toward-email-improving#ixzz1GFOLJOER

Consumers can make their email experience even better by using eMail ID, and senders can make sure their messages get noticed.  When the eMail ID app is installed, the undifferentiated text of the inbox is transformed into a highly informative visual presentation that makes quick work of finding the emails of interest.

[Image: real obama email]

Know Who.  No Doubt.  Email ID.

Trend Micro Video Contest

March 11, 2011

Trend Micro, the worldwide distributor of the Iconix Truemark solution, has announced an online video contest. 

The “What’s Your Story?” contest seeks short videos about internet safety.

Check it out at https://whatsyourstory.trendmicro.com/internet-safety/pg/the-competition. The contest is open to all residents of Canada (excluding Quebec), the UK and the US, 13 years of age and older.

Phishing – The New Spying #2

March 10, 2011

You may remember reports of spies infiltrating Canadian government and U.S. government computers using carefully crafted, highly targeted phishing emails.  Now the French government has been compromised.  Patrick Pailloux, the executive director of France’s ANSSI (National Security Agency Information Systems), has identified this attack on the French Finance Ministry as espionage.

In what is becoming an all-too familiar scenario, highly sophisticated perpetrators sent carefully crafted emails with highly targeted content and calls to action to a select group of government officials.  Like all phishing schemes, this one appealed to the recipients’ desires, fears and curiosity to get the recipients to act.  

The French government confirms that at least 150 machines were infected with malware.  This malware surreptitiously sent files to computers, suspected to be  in China.  The compromised files concerned the G-20.  In response, the French government has been forced to shut down compromised systems.   

What can you do to protect yourself?  How can you know if an email is real?

[Image: real obama email]

Know who.  No doubt.  Use eMail ID.

Iconix Whitepaper – Getting More From Email Authentication

March 7, 2011

Today Iconix released a whitepaper entitled, “Getting More From Email Authentication.”

As the whitepaper describes, email authentication is a technical means of identifying the sender of email.  When a sender uses email authentication, a public record is created that can be used by the recipient to verify the identity of the sender.  However, email authentication is a self-issued credential.  The owner of phishing.com can authenticate its email.  Email authentication alone does not solve the problem of bad guys pretending to be good guys.  Email authentication is used by email filtering systems as an important spam indicator.  Unauthenticated email is suspect and is less likely to be delivered.  Additionally, by combining the identity of the sending server (which is determined using email authentication) with email reputation data from vendors such as Return Path, spam filters can be fine-tuned to do a better job of delivering messages that users want.
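The following added example (not Iconix code, and not taken from the whitepaper) shows why an authentication pass is only half of the decision: it reads the DKIM result recorded in the `Authentication-Results` header and then checks the authenticated domain against reputation data. The host name `mx.recipient.example`, the two sender domains and the reputation scores are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.recipient.example"  # assumption: our own border MTA
# Constructed reputation scores (0-100); a real feed would come from a vendor.
REPUTATION = {"agency.example": 95, "phishing.example": 3}

def authenticated_domain(msg):
    """Return the DKIM signing domain our MTA verified, or None."""
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, results = value.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # not stamped by our MTA, so it proves nothing
        m = re.search(r"\bdkim=pass\b[^;]*\bheader\.d=([\w.-]+)", results, re.I)
        if m:
            return m.group(1).lower()
    return None

def classify(raw, min_score=70):
    """Combine the authentication result with reputation for one message."""
    msg = message_from_string(raw)
    domain = authenticated_domain(msg)
    if domain is None:
        return "suspect: unauthenticated"
    # Simplification: require an exact match of From domain and signing domain.
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if from_domain != domain:
        return "suspect: From domain is not the authenticated one"
    if REPUTATION.get(domain, 0) < min_score:
        return f"authenticated as {domain}, but untrusted"
    return f"authenticated as {domain}, trusted"

def sample(from_hdr, auth_results):
    """Build a constructed test message with a single result header."""
    return "\n".join([f"Authentication-Results: {auth_results}",
                      f"From: {from_hdr}", "Subject: Tax tip", "", "body"])

GENUINE = sample('"Tax Agency" <tips@agency.example>',
                 "mx.recipient.example; dkim=pass header.d=agency.example")
LOOKALIKE = sample('"Tax Agency" <refunds@phishing.example>',
                   "mx.recipient.example; dkim=pass header.d=phishing.example")
FOREIGN_STAMP = sample('"Tax Agency" <tips@agency.example>',
                       "mx.elsewhere.example; dkim=pass header.d=agency.example")

if __name__ == "__main__":
    for name, raw in [("genuine", GENUINE), ("lookalike", LOOKALIKE),
                      ("foreign stamp", FOREIGN_STAMP)]:
        print(f"{name:14} -> {classify(raw)}")
```

The lookalike message passes authentication exactly as the genuine one does; only the reputation lookup separates them.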

Email authentication can help senders get their email into the inbox, but the delivered message looks like all the other messages – lost in a sea of text that makes it hard to find.  Recipients want to find emails of interest that are lost in a sea of text.  And when they find them, they want to know they are real!  That is where Iconix comes in.

[Image: animated inbox 3-4-11]

Just as you distinguish your goods and services with your trademark, you can now distinguish email you send using the Truemark® service from Iconix.  Using patented and patent pending extensions of email authentication, Iconix marks your email so that your recipients can instantly recognize your messages in the inbox.

To learn more, visit us at http://iconix.com/business/.