Spear Phishing

♥ COVID-19♥
Klaatu Barada Yotta-Member

Grand Poo-bah

N95 Won't Stop Me

Posts: 21,320

Spear Phishing Apr 6, 2010 16:04:27 GMT -6

Quote

Post by ♥ COVID-19♥ on Apr 6, 2010 16:04:27 GMT -6

searchsecurity.techtarget.com/sDefinition/0,,sid14_gci1134829,00.html

Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient's own company and generally someone in a position of authority.

My employer was victimized by this today. I knew it was a Spear Phishing attack even before getting the e - mail alert from our IT Dept. because the first Spear Phishing e - mail I saw was not only sent TO me, but the FROM field had MY e - mail address on it, too! DOH!

Here's a sample e - mail:

Dear Customer,

This e-mail was send by <My Company Name Here> to notify you that we have temporanly prevented access to your account.

We have reasons to beleive that your account may have been accessed by someone else.

Please click on the following link (or copy & paste it into your web browser):

Of course, you DON'T click on the link they provide.

BTW, gotta love them typos.

The Virtual Nihilist Blog
Twitter
Facebook

I'm anally electrocuting the world one asshole at a time.

innit Geezer
Rama-Lama-Ding-Dong Tera-Member

Posts: 8,802

Spear Phishing Apr 6, 2010 19:36:42 GMT -6

Quote

Post by innit Geezer on Apr 6, 2010 19:36:42 GMT -6

I received 3 of these in the last 2 days. One limiting my Paypal account because it was in need of updating (I thought it was real because I haven't used it in years) and the other 2 limiting my access to my Chase accounts because someone has tried to log-in using my name.

Here's the fake Chase e-mail from today----The underlined was a link.

We regret to inform you that access to your account has been temporarily limited.

This has been done due to several failed log-in attempts.

Case ID: AX-462-55-37

To restore your account please log in correctly.

If you fail to log in correctly your account will be suspended for fraud prevention.

We apologize for the inconvenience, this measure was taken for your protection.

CHASE Security Team

innit Geezer Rama-Lama-Ding-Dong Tera-Member Posts: 8,802	Spear Phishing Apr 7, 2010 13:12:21 GMT -6 Quote Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by innit Geezer on Apr 7, 2010 13:12:21 GMT -6 I got another one today and the entire e-mail is a link.

Post by ♥ COVID-19♥ on Apr 6, 2010 16:04:27 GMT -6

Post by innit Geezer on Apr 6, 2010 19:36:42 GMT -6

Post by innit Geezer on Apr 7, 2010 13:12:21 GMT -6

Quick Reply