Phishers Go For The Big Fish
In general, targeted attacks don't make front page headlines -- unless the victims are thousands of top executives of major corporations. This year, phishers went after the big fish as thousands of top executives across the country fell victim to a new and highly sophisticated attack requesting them to appear before a grand jury.
The phishing message, which mimicked legitimate subpoenas from the United States District Court in San Diego, was highly targeted with the recipients' name, phone number, company and correct e-mail address, and appeared to have an official-looking URL. Once opened, recipients were requested to click a link and download case histories and associated information. But upon opening the link, victims downloaded information-stealing malware -- keystroke loggers that record passwords and other personal data -- which was then sent to the remote attackers. The U.S. District Court, Central District of California posted an advisory on its Web site warning users about the attack and stating that the court's administrative office had notified the FBI.