RSS Alerts

Related Stories

  • PDF attacks skyrocket, says Symantec
    Web-based attackers are increasingly targeting PDF files to compromise machines online, according to new figures released by Symantec. In the April version of its Internet Security Threat Report, the company revealed that half of all Web-based attacks in 2009 targeted PDF files, compared to just one in 10 attacks reported the previous year.
  • Information security and the stock market
    The financial system is considered part of the critical national infrastructure as far as the USA is concerned. Danny Bradbury asks what steps are being taken to protect the stock market, and the companies that use it?
  • Look After Your SCADA Heart
    Critical national infrastructures such as the National Grid, water and other utility networks have SCADA technology at their heart, but how are these systems protected against hacker, malware and terrorist attacks? Steve Gold spoke to the major players in this important, but little-understood, side of the security industry
  • Secret Service shows business how to fight cyberthreats
    Business needs to be more proactive in its approach to security in the face of increased insider threats and customized malware, says Verizon Business.
  • New phishing attack disguised as a PDF reader update
    Malicious e-mail attacks that look like PDF reader updates have been increasing in volume since the middle of June, says Symantec Hosted Services.

News

Spear-phishing Attacks Attain Record Levels

13 June 2008

Targeted social engineering attacks, also referred to as spear phishing, are on the rise.

VeriSign said it has tracked 66 separate attacks since February 2007, 95 percent of which may have originated from two groups. More than one quarter of the attacks occurred in April and May 2008.

VeriSign estimates that roughly 15,000 people may have been victims of stolen data over the past 15 months and that victim losses can exceed $100,000.

The email-based attacks target individual users and contain personal information such as name, company and mailing address. VeriSign said many of the attacks target senior executives and other high profile individuals.

VeriSign’s iDefense Rapid Response Team expects the volume of spear phishing attacks to continue but noted the attacks do not use vulnerabilities in the operating system or applications to install malicious code.

Of the two groups of attackers responsible for the majority of these attacks, one group, known as Group B, installs a Browser Helper Object capable of logging SSL encrypted sessions and performing man-in-the-middle attacks on two-factor authentication systems.

The other group, called Group A, went through a period where they installed a full version of the Apache Web server on victims’ computers. This group commonly installs a key logger that is also capable of performing attacks on two-factor authentication systems.

VeriSign said recent attacks have netted more than 2,000 victims in May alone and the attacks claimed to have come from the US Federal Trade Commission, Internal Revenue Service, the Better Business Bureau and the US Tax Court.

 

This article is featured in:
Internet and Network Security Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water