It is being widely reported that France is accusing the US of cyberespionage. Techspot reports the details of how the spies were able to infiltrate the computers of President Sarkozy’s advisors to steal information.
In order to pull off the attack, the hackers leveraged their social engineering skills. First, they used Facebook to identify individuals close to Sarkozy and his team. Those hackers then crafted a bogus yet effectively indistinguishable clone of Elysee Palace’s website and sent phishing emails to lure Sarkozy’s advisers into logging on. When Sarkozy’s trusted cohorts attempted to log on to the fake page, hackers recorded their passwords and subsequently used them to access the real palace website.
L’Express provides more details and a graphic that summarizes the attack.
This is not the first time that fake emails have compromise the French government. The French Finance Ministry was compromised last year. Of course, the US is not immune from such attacks — as demonstrated by the recent attack on the White House.
Spearphishers deceive by masquerading as trusted senders. SP Guard from Iconix provides the ability to distinguish real email from spearphishing attacks. You can contact us at 408-727-6342,ext 3 or use our online form.