Criminals Hack CEOs with Fake Subpoenas
Robert McMillan writes on CIO.com:
Panos Anastassiadis didn't click on the fake subpoena that popped into his inbox on Monday morning, but he runs a computer security company. Others were not so lucky.More here.
In fact, security researchers say that thousands have fallen victim to an e-mail scam in which senior managers such as Anastassiadis are told that they have been sued in federal court and must click on a Web link to download court documents. Victims of the crime are taken to a phony Web site where they are told they need to install browser plug-in software to view the documents. That software gives the criminals access to the victim's computer.
This type of targeted e-mail attack, called "spear-phishing," is a variation on the more common "phishing" attack. Both attacks use fake e-mail messages to try to lure victims to malicious Web sites, but with spear-phishing the attackers try to make their messages more believable by including information tailored to the victim.
posted by Fergie @ 4/14/2008 05:45:00 PM
0 Comments:
Post a Comment
<< Home