FBI Cautions about Increasing Spear Phishing Assaults

FBI has cautioned Internet users that online-criminals have been observed unleashing spear phishing assaults at an increasing rate towards hijacking systems of inter-connected PCs installed at organizations of a number of industry sectors, published softpedia.com dated June 26, 2013.

Spear phishing assaults involve phishing e-mails that crooks send solely to particular persons alternatively organizations as different from routine phishing e-mails that are sent in bulk. Such phishing e-mails cite the exact details of the recipients that the criminals gather from social media A/Cs, websites or blogs.

Attackers, by using genuine information along with the fake announcements in their e-mails, raise the possibilities of victims opening attachments and/or following web-links included in the messages.

During such recent assaults, according to FBI, victimized users were easily persuaded to believe they required updating their credentials or software utilized for entering particular websites. The e-mails carried web-links that would supposedly lead onto a page where the update could be completed. But when users followed those web-links they landed on a fake site that delivered malware capable of capturing information, like the victims' credit-card details, bank account particulars, usernames and passwords along with more personal information. By the same procedure, the phishers could as well acquire admission into private networks; alternatively filch trade secrets and/or intellectual properties, FBI states that fbi.gov published, June 25, 2013.

And observing how Internauts can avoid getting victimized, the FBI reminds that Internet-based enterprises, particularly traders and financial institutions, won't ever request personal information, especially user IDs/passwords over e-mail.

However, if any recipient thinks the e-mail is authentic, he should contact its sender at the number not as given inside the e-mail for that maybe fraudulent, but as on the company's Internet site.

It's further recommended that users always maintain up-to-date browser and other applications; firewalls and anti-virus programs; as they often detect phishing attempts.

Meanwhile, the IDG News Service website recently cited Trend Micro the security company, which stated that among the entire targeted assaults, 91% involved spear-phishing electronic mails. The 5 chief targeted entities comprised technology companies, institutions for academic research, media outlets, NGOs and government ministries, Trend Micro listed.

» SPAMfighter News - 7/1/2013