[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISN] Report: âSpear-Phishingâ Attacks Keep on Giving

To: isn@xxxxxxxxxxxxxxx
Subject: [ISN] Report: âSpear-Phishingâ Attacks Keep on Giving
From: InfoSec News <alerts@xxxxxxxxxxxxxxx>
Date: Wed, 27 Oct 2010 03:08:40 -0500 (CDT)
Delivered-to: isn@xxxxxxxxxxxxxxx
List-archive: <http://www.infosecnews.org/pipermail/isn>
List-help: <mailto:isn-request@infosecnews.org?subject=help>
List-id: InfoSec News <isn.infosecnews.org>
List-post: <mailto:isn@infosecnews.org>
List-subscribe: <http://www.infosecnews.org/mailman/listinfo/isn>, <mailto:isn-request@infosecnews.org?subject=subscribe>
List-unsubscribe: <http://www.infosecnews.org/mailman/listinfo/isn>, <mailto:isn-request@infosecnews.org?subject=unsubscribe>
Organization: InfoSec News - http://www.infosecnews.org/
Sender: isn-bounces@xxxxxxxxxxxxxxx

http://www.wired.com/threatlevel/2010/10/spear-phishing/

By Kim Zetter 
Threat Level
Wired.com
October 26, 2010

The number of targeted phishing attacks against individuals has risen 
dramatically in the last five years from one or two a week in 2005 to 
more than 70 a day this month, according to a new report from computer 
security firm Symantec.

The industry most recently hardest hit by so-called spear-phishing 
attacks is the retail industry, according to Symantecâs MessageLabs 
Intelligence report. The number of attacks against retail exploded in 
September in particular, jumping to 516 attacks from just seven attacks 
a month for the rest of 2010.

The statistics are somewhat skewed, though, since most of the September 
attacks against retail were directed at a single company. Symantec 
counts each copy of a malicious e-mail received by an organization as a 
unique attack, even if itâs the same e-mail sent to multiple people at 
the same time. But the report illustrates that, five years after its 
invention, spear-phishing remains a trusted tool in the modern cyber 
criminalâs arsenal.

Unlike regular phishing attacks, which involve spamming a message to 
random users, spear-phishing targets specific individuals or small 
groups of employees at specific companies. The former are generally 
designed to steal banking credentials and e-mail passwords from users, 
while the latter generally focus on gaining access to a system to steal 
intellectual property and other sensitive data.

[...]

___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/

Prev by Date: [ISN] [Dataloss Weekly Summary] Week of Sunday, October 17, 2010
Next by Date: [ISN] How to protect against Firesheep attacks
Previous by thread: [ISN] [Dataloss Weekly Summary] Week of Sunday, October 17, 2010
Next by thread: [ISN] How to protect against Firesheep attacks
Index(es):
- Date
- Thread