For years, spear phishing attacks relied on the foolishness and naivete of computer users to trick them into revealing passwords and other sensitive information to individuals posing as legitimate parties via spoofed emails or fake websites. Today's spear phishing attacks effortlessly rob even cautious cynics with expensive name-brand security software. Small business owners can literally be wiped out with a single email!
What Are Phishing Attacks?
Phishing attacks are launched by cybercriminals upon consumers primarily to gain a few pieces of important data that can be used for financial gain, such as a person's user ID and password to their online bank account. Typically, consumers receive emails that appear to be from their bank or some other legitimate organization that trick the recipient into literally telling the criminals their user ID and password, for example. One class of phishing attacks increasingly prevalent today no longer relies on tricking end-users but instead employ what security practitioners call a 'man-in-the-browser' attack.
Basically, 'man-in-the-browser' attacks exist because the security within a web browser is alarmingly flawed from the perspective of stuff separate from other stuff. So, that other tab in your browser, or that web page you visited prior to your online bank website, might leave malicious code inside your web browser that allows cybercriminals to eavesdrop or insert financial transactions such as a bank payment to an overseas account.
This is why I strongly recommend that all computer users utilize two or more different web browsers, not separate web browser windows or tabs from the same web browser software, but use Internet Explorer, Firefox, or whatever all at the same time but for different types of websites. BTW, the web browser that you use for financial activities should not be the one that renders a web page after you've clicked on a link in your email, instant messenger, or PDF reader!
What Are Spear Phishing Attacks?
Phishing Attacks sound pretty scary. Fortunately, using two or more different web browsers radically reduces your risks from phishing attacks. There are additional risks when web browsing from a hotel room or public Wi-Fi that I'd have to address in another post if anyone is interested (let me know).
Spear Phishing Attacks are phishing attacks that target a specific person or organization. For the most part, spear phishing attacks are carried out via email, though instant messengers and social networks such as Facebook, MySpace, and LinkedIn can be used also. These attacks exploit the trust that we all have with our familiars: friends, family, and business associates. We'll read an email or some other kind of message from a familiar. More importantly, we're quite likely to accommodate a request or recommendation from a familiar to:
* Open a document
* Play a multimedia file
* Click on a hyperlink
* Install software
* Add a Facebook app
Any one of these actions is intended to install malicious software into the targeted user's PC. Attacks do so by exploiting programming mistakes in the PC software that we use every day. Once this malware has infested a PC, it systematically steals anything of value. Computers users do not have to be tricked into revealing their bank account number, user ID, and password to be robbed.
Small Businesses Are "Out of Luck"
As Brian Krebs of The Washington Post wrote in a recent article on Spear Phishing Attacks, American consumers who bank online are covered by a statute called "Regulation E", which "generally holds the consumer harmless for money stolen from their accounts via cyber crime". However, business owners that are victims of Spear Phishing Attacks would "more than likely be out of luck if a scammer empties their business account".
I strongly recommend that business owners talk to their banks immediately! If your business seldom involves payments to overseas accounts, see if you can require such payments get verbal or other approval prior to processing.
Ineffective Protection from Today's Spear Phishing Attacks
Those of you with up-to-date anti-virus/spyware software from Symantec, McAfee, or other well known vendors have less than 50-50 odds of deflecting a Spear Phishing Attack. That is because they rely on malware detection technology invented over a decade ago that utilizes signatures, which are like electronic fingerprints. Cyber criminals effectively alter the fingerprints of their Spear Phishing Attack instruments (malicious PDF or PowerPoint document, spiked JPEG or AVI, etc.) in minutes, orders of magnitude faster than vendors add new fingerprints to the 'most wanted list'.
AppGuard and EdgeGuard Block Spear Phishing Attacks
Adding AppGuard (http://www.blueridgenetworks.com/products/appguard.php) or EdgeGuard (http://www.blueridgenetworks.com/products/edgeguard.php) to a computer with any anti-virus/spyware security software boosts protection to 90%. Without AppGuard or EdgeGuard, anti-virus/spyware software, which only stop OLD malware, only block about 45%, including Spear Phishing Attacks.
Todays Spearphishing Attacks (Email Attachments) Can Kill Small Businesses
Diposting oleh
Admin
Sabtu, 01 Agustus 2009
0 komentar