Slashdot Mirror

← Back to Stories (view on slashdot.org)

Phishers Hone Skills, Craft More Impressive Attacks

Posted by Soulskill on from the practice-makes-perfect dept.

CWmike writes "Recent break-ins at high-profile targets like the International Monetary Fund demonstrate just how proficient hackers have become at so-called spear phishing, researchers said on Tuesday. 'Today's spear phishing is not only more prevalent but also much more technically proficient,' said Dave Jevans, chairman of the Anti-Phishing Working Group. 'They're not going for a password, anymore; they're getting people to install crimeware on their computers.' The trend highlights the need for defenses against such targeted threats, requiring companies to look beyond security strategies focused purely on dealing with traditional network threats, analysts said. Increasingly, companies also need to focus on approaches such as continuous monitoring of networks, databases, applications and users, outbound traffic filtering and whitelisting."

2 of 63 comments (clear)

  1. The Art of Deception by DigiShaman · · Score: 3, Informative

    The Art of Deception. By Kevin D. Mitnick. It's worth reading.

    --
    Life is not for the lazy.
  2. Not phishing by lavagolemking · · Score: 3, Informative

    Phishing means tricking users into divulging sensitive data, usually a password. It is just one type of social engineering. What is being described here is another form of social engineering, where users are told instead to install malware or something like that. It is not phishing, or even spear phishing. When you get a lot of information together to plan out an effective attack on human psyche, it's called pretexting.