Spear Phishing Campaign Attacking ESPs Employees Caught
A huge spear phishing campaign had attacked employees of almost 100 e-mail service providers (ESPs), with an aim to hack their computers, as per the news by net-security.org on November 25, 2010.
These spear phishing mails generally included URLs that reportedly direct victims to a webpage with images, greeting card, but, in reality would take them to websites where login credential stealing (like iStealer - presently with a very stumpy detection rate on VirusTotal) and isolated administration (such as CyberGate) software would attempt to get installed secretly on the victim's system.
Neil Schwartzman, Senior Director of security strategy at e-mail security provider Return Path Inc, stated that the spear phishing attacks have attacked mail marketing companies that deal with opt-in campaigns for some of the major corporate brands, as per the reports by krebsonsecurity.com on November 25, 2010.
Schwartzman added that this is a systematic, deliberate and harmful attack which targets the industry-grade email deployment systems.
Chris Nelson, a Security Manager at an ESP that was compromised by these spear phishing attacks, claimed that he traced the attack used to penetrate into his company's servers back to Internet addresses in the Netherlands, where he discovered that almost twelve other ESPs were hacked as well, as per the news by krebsonsecurity.com on November 25, 2010.
Nelson added that the objective of the campaign was to control the list of email addresses for big brands so that they can be used for further illegitimate activities. Further, he opined that probably this spear phishing attack will extend for several months as per the unusual delivery outcomes identified with one of their smaller clients back in April 2010, as per the reports by net-security.org on November 25, 2010.
Lastly, in order to curb all kinds of spear phishing mails, security experts recommend some simple security tips- though sophisticated in nature, spam mails will continue to have some grammatical or spelling errors, if users get any mail which appears suspicious they should confirm it from the respective company or the sender.
Related article: Spyware Detection Programs Track Advertisers’ Cookies
» SPAMfighter News - 07-12-2010