A targeted scam or “Spear Phishing” attack making the rounds today invokes the National Security Agency and takes advantage of recent news about a hack of RSA’s two-factor security tokens. Cyveillance has now captured examples and reports of several variants of this email, most sent under the subject lines “Token Code Update” or “Security Token Update”. The message outlines a “critical vulnerability” in security tokens, and attempts to get users to click a link to what most likely was an executable download to infect their machine or network. 
The sender name is spoofed to appear to come from “protection@nsa.security.gov” and the links go to national-security-agency.com, a domain that was just registered yesterday. This attack is a perfect example of how deeply spear-phishers understand the psychology of social engineering users. It invokes the authority of a respected and mysterious government agency, it uses fear of being hacked or getting “in trouble” at work to prompt action, and it takes advantage of current events in the form of the widely reported (i.e. verifiable fact) and recent RSA token hack. This is a potent cocktail of logic, emotion and authority to manipulate the user into a desired action, and is typical of today’s advanced Phishers. Read more: Cyveillance
QR:
QR:
Posts
0 comments:
Post a Comment