Cyveillance’s President and CEO, Panos Anastassiadis, was targeted by new approach to an old scam, spear Phishing: The use of emails that appear to be from a legitimate, trusted source that are enticed to trick recipients into entering valid credentials including personal information such as passwords or credit card numbers into a fake platform or service. LookingGlass Cyber (n) - tailoring an attack (such as email) to garner trust and credentials that are then used maliciously. The preverbal digital version of the ol' hook and bait.. Earlier this morning, the following email was sent to Mr. Anastassiadis:
Like many other spear phishing attacks, the phisher performed research before launching his or her attack. Specifically, the individual was able to locate use our CEO’s email address and the Cyveillance phone number in the email. This information was used to enable and build additional credibility for the attack.
The email instructed Mr. Anastassiadis to appear in the US Courthouse on May 7, 2008 and provided a link to download the subpoena for specific information. Clicking on link takes you to the following page:
As you can see, the Web page claims that the case has been closed and no further action is required from the visitor. However, clicking on the link will not only load this page, but will also download a Trojan-Downloader onto the computer that would not be detected by the majority of Anti-Virus companies. Specific information about the malware used in the attack can be found at: http://www.virustotal.com/analisis/13bfb6913f9c328c7b657fce4ba4c731.
The size of this attack is not yet known, but security managers should ensure that personnel, especially executives, are aware of this latest phishing attack vector.