SecurID Subscribers Subjected to NSA Phishing E-Mail
A spear-phishing assault, or personalized e-mail scam, circulating online cites the NSA and exploits the recent news of an unauthorized intrusion affecting RSA's SecurID tokens, Cyveillance reported in news published on July 22, 2011.
With the sender's address spoofed so that the e-mails appear to originate from firstname.lastname@example.org, the messages provide a web link that leads the user to a malicious URL at national-security-agency.com, which, according to Cyveillance, was registered just 24 hours before the spam campaign was launched.
Incidentally, according to Cyveillance, clicking on this web link has now necessitated altering 40m security key programs, most of which helped protect vital military and industrial secrets. Cyveillance has so far collected reports and samples of many versions of the bulk phishing e-mail, largely with the header "Security Token Update" or "Token Code Update."
All the e-mails highlight a critical security flaw in security tokens and trick recipients into following a web link to an .exe file download, so that their computers or network could become infected.
The e-mails warn that a critical flaw affects some varieties of RSA tokens. The message relies on end-users already being wary about the security breach at RSA carried out earlier in 2011 and about the impact it has had on the safety of the firm's SecurID tokens.
Commenting on this latest phishing assault, security researchers state that it is an ideal instance of how acutely spear-phishers understand the psychology of the readers they socially engineer: it calls upon the authority of a respected government agency; exploits anxiety about being intruded upon or getting into trouble in order to prompt action; and exploits ongoing events such as the recent and extensively reported token hack at RSA.
Further, the e-mail writers also made apt use of CSS and NSA logos to make their message appear genuine. Luckily, however, the senders did not take sufficient care over the text's construction and made spelling errors, allowing vigilant users to realize that the e-mails were fake.
Nonetheless, Cyveillance doesn't specify the name of the security token update offered for download, although it is expected to be a malicious executable.
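For mail administrators, the traits reported above (the two subject headers, an agency-themed host outside .gov, a link to an .exe file, and a freshly registered domain) can be checked mechanically. The following is an added example, not code from Cyveillance or SPAMfighter; the function name, the 30-day age threshold, the sample message path and the dates are assumptions made for illustration.

```python
import email
import re
from datetime import date
from email import policy
from urllib.parse import urlparse

LURE_SUBJECTS = ("security token update", "token code update")  # from the article
# Assumption: agency tokens to look for in link hosts outside .gov
AGENCY_HOST = re.compile(r"(^|[.-])(nsa|national-security-agency)([.-]|$)")
MAX_DOMAIN_AGE_DAYS = 30  # assumption: what counts as "newly registered"

def campaign_indicators(raw, registered_on, today):
    """List which of the article's traits a raw RFC 5322 message shows.

    registered_on maps link host -> registration date; a real filter would
    fill it from WHOIS/RDAP data (assumption: no lookup is made here).
    """
    msg = email.message_from_string(raw, policy=policy.default)
    found = []
    if any(s in (msg["Subject"] or "").lower() for s in LURE_SUBJECTS):
        found.append("lure-subject")
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    for url in re.findall(r"https?://[^\s\"'<>]+", text):
        parts = urlparse(url)
        host = (parts.hostname or "").lower()
        hits = []
        if AGENCY_HOST.search(host) and not host.endswith(".gov"):
            hits.append("agency-lookalike-host")
        if parts.path.lower().endswith(".exe"):
            hits.append("exe-download")
        reg = registered_on.get(host)
        if reg and (today - reg).days <= MAX_DOMAIN_AGE_DAYS:
            hits.append("new-domain")
        found += [h for h in hits if h not in found]
    return found

# Constructed sample: the domain and subject come from the article; the path,
# recipient and dates are made up for the example.
SAMPLE = """\
From: firstname.lastname@example.org
To: user@example.com
Subject: Security Token Update
Content-Type: text/plain

A critical flaw affects your token. Install the update now:
http://national-security-agency.com/update/token-update.exe
"""
REGISTERED = {"national-security-agency.com": date(2011, 7, 21)}

if __name__ == "__main__":
    print(campaign_indicators(SAMPLE, REGISTERED, date(2011, 7, 22)))
```

A message that trips several indicators at once is a candidate for quarantine; any single indicator on its own is weak evidence.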
» SPAMfighter News - 04-08-2011