You may recall that last month, we wrote about a spear-phishing attack in Canada. Spear phishing is a very highly targeted email scam in which the email is carefully crafted to entice the specific recipient. This differs from the now familiar Nigerian millionaire scheme which is based on fooling a very small percentage of a large number of recipients.
New reports from Canada indicate that the attack was not as benign as was initially reported. It now appears that the hackers used spear-phishing attacks to gain access to confidential information in three departments of the Canadian government:
- The Defence Research and Development Canada
- The Finance Department; and
- The Treasury Board
The attacks on the Finance Department and Treasury Board — the Canadian federal government’s two main economic agencies— forced these agencies off the internet.
Attacks against the Canadian government were first discovered in 2009 by the Canadian technology group, International Warfare Monitor. In 2009, Information Warfare Monitor reported that a spy network based mainly in China had hacked into almost 1,300 government computers in 103 countries.
What can you do to protect yourself? How can you know if an email is real?
Know who. No doubt. Use eMail ID.