CEOs - the new target of phishing schemes
On June 24, MessageLabs Inc. encountered a phenomenon never before seen and therefore very troubling: 514 emails sent to chief executives, chief financial and technology officers, and some of their assistants at different companies, each containing malicious programs intended to steal sensitive company information. This wave of spam targeting corporate higher-ups happened again on September 12 and 13, only this time the number of emails was 1100.
The emails were carefully crafted and specifically targeted: they contained the recipients' names and titles. The attachments were supposedly lists of job candidates, delivered as Word documents, a file type that is common and that most people falsely deem safe. These specific files were infected with Trojans whose primary instructions were to steal MS Office documents from the CEO's My Documents folder. The scheme would have worked had the emails not been intercepted.
This development is troubling because it is a new and more sophisticated type of phishing scheme than the mass-mailing schemes intended to steal bank account information and the like. CEOs' computers contain valuable information, such as merger details, financial reports and other data, that can be used for many purposes.
CEOs are good targets for many reasons, whether the goal is stealing intellectual property, industrial espionage or something else.
This low-tech tactic could cause a very high-class problem. Its origin is unknown, but researchers speculate (as they always do) that it came from a group based in Eastern Europe, a place where organized crime and malware writers have been known to work together for a long time.
According to Scott O’Neal, chief of the FBI’s cyber-intrusion section, attacks like this are becoming less and less complicated. "The how-to tutorials out there are getting better and better. And people need less and less technical skills," he is quoted as saying. Alas, these attacks are rarely reported, because companies question the authorities' ability to preserve confidentiality.

