Slashdot Mirror
Fake Subpoenas Sent To CEOs For Social Engineering
An anonymous reader writes "The Internet Storm Center notes that emails that look like subpoenas are being sent out to the CEOs of major US corporations. The email tries to entice the victim to click on a link for 'more information.' According to the ISC's John Bambenek: 'We've gotten a few reports that some CEOs have received what purports to be a federal subpoena via email ordering their testimony in a case. It then asks them to click a link and download the case history and associated information. One problem, it's [totally] bogus. It's a "click-the-link-for-malware" typical spammer stunt. So, first and foremost, don't click on such links. An interesting component of this scam was that it did properly identify the CEO and send it to his email directly. It's very highly targeted that way.'"
My boss received one of these yesterday. Luckily he is one of the smarter people in this world and FW'd me the email (being the suspicious person he is). Personally I thought it was rather clever.
Also - I wonder... Is there some "hacker code" out there that says if you are sending out a phishing email - you must misspell at least a few words? Cause these subpoenas looked fairly good - but there were misspellings. Can't they just run the emails through Word or Open Office before they send them out?
snowulf.com
One problem that I've noticed is that muckity-mucks often feel that they're "above" being targeted by such menial things as malware.
He's getting rather old, but he's a good mouse.
Every time that I comment on a story about viruses and malware and security, I mention the fact that what is normally mentioned by antivirus vendors is junk used to scare up business.
The real danger lies elsewhere. Stories like this and the cyber-war story about the US and China are the ones that you need to follow and think about.
The chances that your company is already compromised by the NSA or some other country's spy agency/military is reasonably high, no matter what you do.
Okay, so you make cheeseburger boxes for several chain restaurants, who would want data from your system?
It looks a lot like the butterfly effect http://en.wikipedia.org/wiki/Butterfly_effect in the fact that one small chance encounter or small piece of information can greatly affect the outcome of a particular chain of events. Your company makes cheeseburger boxes for a company whose CEO, in turn, is a friend of or associate of some political figure. This information is gleened from your system via email, and phishing email is used to get that political figure to open an email which is a dupe of a previous email sent, but contains an active-x payload... this in turn leads to more serious and useful information down the road... and viola! you have enough for a hack on the RNC mail server...
Something like that, just work out your own end goal and play 6 steps to Kevin Bacon to find out how to get there. Much is public information and can be used to nail the last link you need for planting the right spyware in the right place, unnoticed, undetected, unfettered. No need for millions of bots, just one well placed piece of code.
Best part is that it is enabled/started by the high-ranking user, one that is never spied on, so the malware is safely sitting there doing it's thing without interruption.
That is how spying works, a little bit at a time, patiently looking for a chink in the armor.
Support NYCountryLawyer RIAA vs People
Our CEO got one of these yesterday too. Luckily, his executive administrator has more brains than he, and forwarded it to our legal dept., questioning it. Our legal dept contacted the IT dept, and I told them that it was totally bogus.
The admin actually was quoted as saying "Since when are they sending subpoenas by email?".