Washington Post Reports on Spearphishing

On September 26, 2012, The Washington Post investigations team published an article entitled, “In cyberattacks, hacking humans is highly effective way to access systems.”

The authors prepared a fascinating graphical description of a highly targeted email attack.  The graphic shows how the hacker starts by using data readily available on the internet to gather information about the target.  The attacker than crafts an email that will be enticing to the target.  When the target takes the action requested in the targeted email, malware is installed in the victim’s system.  At this point, the attacker is free to steal data and disrupt systems.

Demonstrating the persistence of the efforts to trick the victims into responding, the Washington Post noted:

The attackers were relentless, launching e-mails on at least 13 days. They also were creative. Attached to the e-mails were documents covering a variety of subjects that might be of interest to the executives: the U.S. debt crisis, Adobe updates, iTunes help and an analysis of the presidential election.

Spearphishers deceive by masquerading as trusted senders. SP Guard from Iconix provides the ability to distinguish real email from spearphishing attacks.  Click here to learn more.  You can contact us at 408-727-6342, ext 3 or use our online form.


Comments are closed.