Experimental Spear-Phishing Attack Proves Spam Filters Ineffective
Joshua Perrymon, researcher and CEO of security solutions provider PacketFocus, based in Birmingham, Alabama, US, recently conducted a spear-phishing experiment in which he was able to fully circumvent the spam-filtering systems he tested, and the results were extremely upsetting.
During the experiment, Perrymon sent a hoax e-mail, purportedly from LinkedIn and spoofing Bill Gates' name, to people at six different organizations who had volunteered to take the test. The message was an invitation to join Bill Gates' network on LinkedIn.
Every time Perrymon ran the experiment, his spoofed e-mail reached the volunteers' inboxes, getting through across various leading e-mail services and products, including smartphone e-mail devices.
Using a simple methodology, Perrymon automated the 'assault' so that he could monitor the phishing success and capture the victims' information when they followed the 'invite' link and landed on the spoofed phishing website. The information captured included the victim's username, IP address, operating system, browser, location and other website statistics.
Perrymon's experiment emphasizes that the main issue is that the majority of anti-phishing mechanisms are designed to intercept large-scale phishing attacks rather than the small, personalized ones, which are more sinister and risky. Perrymon said that if the phishing attack is small in scale, the mechanism certainly cannot prevent it, whereas once the attacks reach into the hundreds, the security begins to kick in, reported ZDNet on October 29, 2009.
Additionally, the researcher's experiment stresses that because small-scale spear or targeted phishing schemes can evade anti-spam filters, users keep interacting with phishing e-mails.
Perrymon stated that he was surprised by the results of his experiment; consequently, he contacted security vendors and worked with them towards finding a solution to the problem.
Commenting on Perrymon's experiment, Jeremiah Grossman, founder and CTO of WhiteHat Security, said after reading Perrymon's white paper that the research appeared extremely good in its approach and simplicity, and concluded that Perrymon had set out to prove just how easy and serious the experimental attack was, reported darkreading.com on October 22, 2009.
» SPAMfighter News - 11-11-2009