Taiwan Officials Warned of Latest Spear Phishing Attacks
Taiwan-based officials have become a new target of spear phishing scammers, reported 'TrendLabs' of the security firm Trend Micro. Researchers have detected several instances that prove spear phishing attacks on these officials.
According to the security analysts, spear phishing attacks are like regular phishing attacks; however, the difference lies in imitation. This means that these attacks claims to be coming from a known user, such as by an executive at the victim's workplace, instead of claiming to be coming from a bank or e-commerce website.
Scammers, in this case, reportedly modified the 'From' field of the e-mail. It appears that the e-mail has been delivered from an employee working in the recipient's office. Further, considering the recipient, the URL is also modified in the e-mail and redirects him/her to a fraudulent Gmail Taiwan login page. The victim's e-mail address is already entered on this phony website, and entering the password means being phished.
Interestingly, the phishing sites are registered in China, and it has been reported that cyber crooks are frequently changing the domains. They take down the earlier used domains in an attempt to avoid being recognized and blocked.
Trend Micro, in its legitimate website, has provided a list of malicious domains that users must be wary of. It is an attempt made by the firm to protect its users from falling prey to spear phishing.
This latest spear phishing attack on Taiwan officials clearly indicates that these attacks are on a surge. In October 2009, thousands of businessmen using Microsoft Outlook Web Access were targeted by spear phishing assaults, as reported by security firm Websense.
At the TechAmerica Cybersecurity Forum held in Washington D.C. (USA), a group of cyber security researchers told that a rise in sophisticated attacks along with the so-called spear phishing has been witnessed in the recent months, reported PCWorld in the second week of October 2009.
Finally, experts strongly recommend the users that messages coming from suspicious sources in the inbox must be scanned for viruses. They must also keep a watch on their credit reports. It may appear frustrating in the beginning, but these initial inconveniences can be compensated if the identity is saved well before time.
Related article: Twin Phishing E-Mails Pose from Bank of Hanover
» SPAMfighter News - 11-11-2009