The Sophisticated Business of Today's Most Nasty Phishing Attacks

snydeq writes: Forget Nigerian princes — today's spearphishing is sophisticated business, fooling even the most seasoned security pros, writes InfoWorld's Roger A. Grimes, in a look at what sets today's most sophisticated spearphishing attempts apart. 'Most of the time, phishing attempts are a minor menace we solve with a Delete key. Enter spearphishing: a targeted approach to phishing that is proving nefariously effective, even against the most seasoned security pros. Why? Because they are crafted by thoughtful professionals who seem to know your business, your current projects, your interests. They don't tip their hand by trying to sell you anything or claiming to have money to give away. In fact, today's spearphishing attempts have far more sinister goals than simple financial theft.'

Re:How Are these Foreign Companies Legitimate?

[MyAlternateID]

From TFA:

"Today’s professional Internet criminals work 9-to-5 days, pay taxes, and get weekends and holidays off. The companies they work for often have dozens to hundreds of employees, pay bribes to local law enforcement and politicians, and are often seen as the employer of choice in their region. Working for companies that break into companies in other countries is often proudly worn as a patriotic badge."

Tell me again why a submarine launched Tomahawk cruise missile doesn't suddenly strike that corporate HQ one day, killing everyone in the building and reducing it to rubble and ash? It seems that these people need to be reminded of who they're messing with when they declare war against our financial system.

The people who own the financial system are definitely not the people worthy of any sort of patriotic sentiment. There is a reason Jefferson warned us about this a long time ago, because even in his time, this system wasn't new.

Incidentally, two U.S. Presidents were killed by being shot in the head in public: Abraham Lincoln and JFK. What do they both have in common? They both tried to issue interest-free money directly through the Treasury department, outside of the control of private bankers. In Lincoln's case, they were called Greenbacks. In JFK's case, they were a representative currency (dollars backed by silver). I'm sure that's a total coincidence. After all, if someone tells you that a street thug might shoot you to take the $50 in your wallet, that person is reasonable; if someone else says that banksters would kill anyone to protect their trillions-of-dollars financial empires, well that guy's just a conspiracy nut, just like those guys who said several years ago that the NSA was spying on everyone, right? It's a good thing we're all above such tin-foil hattery!

Of course there's the more practical matter of whether it's really worthwhile to kill people and commit what foreign nations would call an act of war, merely because a few domestic corporations had shitty security since they failed to appreciate that the public Internet is a hostile network. Generally, we don't kill people for financial or other property crimes, and we aren't supposed to sanction them in any way at all without a trial (preceded by an extradition if necessary).

If you're going to pull an "America, FUCK YEAH!", please understand that "America" used to actually mean something, and in particular it meant we don't do certain things -- like punish people without due process -- just because more authoritarian nations might do such things. That was once the sort of thing we observed other nations doing, frowned upon, and considered ourselves better than. Believe it or not, the collective culture once valued the visceral satisfaction of swift vengeance less than it valued the sanctity of our founding principles. A good history book will talk about this, and the sad thing is, you would need one to hear about such things today.