Spearphishing Example – Spoofing FireEye

Hackers seeking to steal confidential information from Tibetan activists are using spearphishing emails to infiltrate systems.  Spearphishing occurs when hackers use socially engineered emails in order to deceive targeted email recipients into compromising their systems.

In a textbook example of a spearphishing, reported by The Hacker News, hackers are pretending to send emails from the trusted security company FireEye.  This is an example of one of those fake FireEye emails:

In order to prevent social engineering from deceiving the email recipient,  SP Guard from Iconix modifies the email client’s display to provide a visual indicator of the identity of the sender of email. This is an example from Outlook, the popular business email client, in which a company called “MyCo” is marking their internal messages as well as those from trusted partners such as their law firm.  Note especially the last message, though seemingly benign, is a spear-phishing message and is not marked as authentic:

SP Guard Inbox

SP Guard provides the email recipient with three easy to recognize confirmations that a message is really an internal email or from a trusted counterpart:

  1. List View. There is an integrity indicator in the list view of the email client.
  2. Message. The open message has a further indicator of authenticity.
  3. Mouseover. Mousing over the authentication indicator in the message prompts the display of a certificate that further identifies the sender.

SP Guard is available now from Iconix.  For further information, contact us at 408-727-6342, ext 3 or use our online form.

Advertisements

Comments are closed.