Spear-phishing emails targeting energy companies
Posted on 08 April 2013.
Information over-sharing can lead to cleverly executed and dangerous spear-phishing campaigns, warns the US Department of Homeland Security and the ICS-CERT.

According to an account in the latest edition of the ICS-CERT Monitor, a (luckily unsuccessful) spear-phishing campaign has recently been launched against 11 companies in the energy sector after a list of the attendees at a committee meeting has been published on the utility's website.

The list contained the names, work titles, company affiliations and email addresses of the attendees, and that was all the attackers needed. Impersonating one of the people on the list, they sent a specially crafted email to the rest notifying them about a change of the sender's email address and asking them to click on the attached link to a websites serving malware.

The report does not say whether the attacks were unsuccessful because the targeted email recipients recognized the spear-phishing emails for what they were, whether the emails were caught by the organizations' defenses, or whether it was pure luck that the recipients didn't follow the malicious instructions.

Still, the example illustrates perfectly how seemingly innocuous information can be effectively used to mount attacks.

"In order to reduce the likelihood of becoming a victim of spear-phishing attacks, minimize the business-related and personal information on social media Web sites," ICS-CERT advises. "Business-related information could include job title, company email, organizational structure, and project names. If information exists on other Web sites, contact the Web site owner and ask that it be removed."

Spear-phishing has become the preferred initial step of attackers looking to gain a foothold into an organization, as it targets the weakest link in most security chains: the human.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Feb 8th