{"id":3467,"date":"2005-07-09T19:50:15","date_gmt":"2005-07-09T19:50:15","guid":{"rendered":"http:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/e-commerce\/spear-phishing.html"},"modified":"2005-07-09T19:50:15","modified_gmt":"2005-07-09T19:50:15","slug":"spear-phishing","status":"publish","type":"post","link":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/voip\/spear-phishing.html","title":{"rendered":"Spear Phishing"},"content":{"rendered":"<p style=\"background: white none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;\"><span lang=\"EN\" style=\"font-size: 10pt; color: rgb(51, 51, 51);\">Phishing is just spam being used to trick people into revealing some information to the phisher, and relies very heavily on social engineering to succeed. By blocking spam effectively, the bait never reaches its target, and the opportunity for deception is crushed.<\/p>\n<p \/><\/span><\/p>\n<p style=\"background: white none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;\"><span lang=\"EN\" style=\"font-size: 10pt; color: rgb(51, 51, 51);\">Phishers are now sending more targeted emails to businesses and these e-mails are designed to appear as though they were sent by another member of staff at the same organization, typically from the IT or HR departments. It seems that people will share their passwords fairly willingly via e-mail if they trust the source. 
It doesn\u2019t hurt that this new breed of phisher promises treats to those who cooperate or threatens the employment of those who don\u2019t.<\/p>\n<p \/><\/span><\/p>\n<p style=\"background: white none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;\"><span lang=\"EN\" style=\"font-size: 10pt; color: rgb(51, 51, 51);\">In a recent US example, a phisher bluffed his way into the network of a port authority by spoofing an internal email address. Once on the inside, with an apparently genuine email identity, he was able to fool employees into revealing passwords for applications.<\/p>\n<p \/><\/span><\/p>\n<p style=\"background: white none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;\"><span lang=\"EN\" style=\"font-size: 10pt; color: rgb(51, 51, 51);\">This sort of attack has been termed \u2018spear\u2019 phishing, designed to bamboozle unsuspecting \u2018colleagues\u2019 into revealing information that will give the perpetrator access into secure areas of corporate networks. <\/p>\n<p \/><\/span><\/p>\n<p style=\"background: white none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;\"><span lang=\"EN\" style=\"font-size: 10pt; color: rgb(51, 51, 51);\">By spear phishing one company at a time, a phisher need only send emails to a single domain, spoofing the sender address and requesting usernames and passwords to validate some information, or providing a link to a spoofed version of the company\u2019s website or intranet &#8211; or perhaps that of a business partner or supplier. 
<\/p>\n<p \/><\/span><\/p>\n<p style=\"background: white none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;\"><span lang=\"EN\" style=\"font-size: 10pt; color: rgb(51, 51, 51);\">Many people often use the same username and password for different applications or websites, and the phisher may try and use that to their advantage in their social engineering. <\/p>\n<p \/><\/span><\/p>\n<p style=\"background: white none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;\"><span lang=\"EN\" style=\"font-size: 10pt; color: rgb(51, 51, 51);\">It is surprisingly easy to use existing spam-sending software to dynamically generate the target email addresses, for example by combining databases of first names and last names with letters and numbers. Furthermore, it would only take a few hundred such permutations to provide a valid email address in a large organization.<\/p>\n<p \/><\/span><\/p>\n<p style=\"background: white none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;\"><span lang=\"EN\" style=\"font-size: 10pt; color: rgb(51, 51, 51);\">Additionally, a sustained attack of this nature can quickly become a huge drain on the company\u2019s email server, sapping its resources as it attempts to handle several hundred or thousand connections for emails that can never be delivered to recipients that don\u2019t exist.<\/p>\n<p \/><\/span><\/p>\n<p style=\"background: white none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;\"><span lang=\"EN\" style=\"font-size: 10pt; color: rgb(51, 51, 51);\">Nevertheless, a successful spear phishing expedition can reduce the effort required to break into a company\u2019s 
network.<\/p>\n<p \/><\/span><\/p>\n<p style=\"background: white none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;\"><span lang=\"EN\" style=\"font-size: 10pt; color: rgb(51, 51, 51);\">Not only are the individual\u2019s details potentially compromised; it can also lead to theft of intellectual property and other sensitive corporate information. Spear phishing is growing fairly quickly as a threat to corporations.<\/p>\n<p \/><\/span><\/p>\n<p style=\"background: white none repeat scroll 0% 50%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;\"><span lang=\"EN\" style=\"font-size: 10pt; color: rgb(51, 51, 51);\"><a href=\"http:\/\/www.messagelabs.com\/emailthreats\/intelligence\/reports\/monthlies\/January05\/default.asp#t10\">More<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Phishing is just spam being used to trick people into revealing some information to the phisher, and relies very heavily on social engineering to succeed. By blocking spam effectively, the bait never reaches its target, and the opportunity for deception is crushed. 
Phishers are now sending more targeted emails to businesses and these e-mails are<\/p>\n","protected":false},"author":44,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[191],"tags":[222,223,224],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/3467"}],"collection":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/users\/44"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/comments?post=3467"}],"version-history":[{"count":0,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/posts\/3467\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/media?parent=3467"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/categories?post=3467"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.tmcnet.com\/blog\/rich-tehrani\/wp-json\/wp\/v2\/tags?post=3467"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}