Scammers pose as execs in 'spear-phishing'
Spear phishing has emerged as one of several kinds of "targeted attacks" that experts said have grown more common in 2005. Rather than posing as a bank or other online business, spear phishers send e-mails to employees at a company or government agency that appear to come from a powerful person within the organization.
Unlike basic phishing attacks, which are sent out indiscriminately, spear phishers target only one organization at a time. Once they trick employees into giving up passwords, they can install Trojan horse programs or other malicious software to ferret out corporate or government secrets.
At the U.S. Military Academy in West Point, N.Y., several internal tests found that cadets were all too willing to give sensitive information to an attacker posing as a high-ranking officer. "It's the 'colonel effect.' Anyone with the rank of colonel or higher, you execute the order first and ask questions later,"
Unlike basic phishing attacks, which are sent out indiscriminately, spear phishers target only one organization at a time. Once they trick employees into giving up passwords, they can install Trojan horse programs or other malicious software to ferret out corporate or government secrets.
At the U.S. Military Academy in West Point, N.Y., several internal tests found that cadets were all too willing to give sensitive information to an attacker posing as a high-ranking officer. "It's the 'colonel effect.' Anyone with the rank of colonel or higher, you execute the order first and ask questions later,"
posted by Dwaine at 8/19/2005
0 Comments:
Post a Comment
<< Home