Phishing Campaign Targets U.S. Gov't Employees
United States government employees are being told to avoid placing too much personal information on social media sites or other public pages. Phishers recently used that sort of data to target public workers in the energy sector.
A phishing campaign involves using fake forms and websites to lure victims into providing sensitive personal information, from names and addresses to credit card data.
Conference List Used for Email Attacks
According to reports, phishers used a public list of conference attendees to attack public energy sector workers. The conference list provided the phishers with names, email addresses, organizational affiliations, and even job titles.
The hackers then used this information to construct a highly specific phishing campaign. This involved malicious emails sent to people who attended the conference.
The phishers used the list information to pose as a conference attendee and send emails requesting recipients click on an attached link. That link took victims to a site that installed malware on their computers.
The good news: it doesn't appear anyone fell for the trap. "Luckily no known infections or intrusions occurred," noted the Department of Homeland Security (DHS) in a recent statement. (Source: pcworld.com)
DHS Warns Against Posting Personal Data Online
To prevent similar strategies from working in the future, the DHS is warning all public sector employees to take care with the information they post online.
"Publicly accessibly information commonly found on social media, as well as professional organization and industry conference Web sites is a recognized resource for attackers performing reconnaissance activities," the DHS noted in its recent Industrial Control Systems Computer Emergency Response Team (ICS-CERT) report. (Source: gsnmagazine.com)
The DHS hopes that not only will public employees limit the amount of information they post to the web in the future, but that they'll contact web sites that have posted personal information about them in the past and have that data removed.
Of course, these are useful tips for everyone, and not just public employees. Remember that posting personal information online does provide hackers with the tools to target you in the future.
Free guide: Windows 7 -- Free Quick Reference Card. Ask any pro computer user and they'll tell you: having to constantly reach for the mouse not only causes strain on your neck and back - it also slows you down. Imagine being able to control your computer the way it was meant to be - using your keyboard! With this guide, you'll learn to dramatically increase productivity using the best ways to navigate, organize, and manage your Windows PC and its contents. Most importantly: the majority of these shortcuts, tips, and tricks are valid for any PC, netbook, and laptop running Windows XP, Vista, and 7. Use it to brush up on the basics and to find alternate methods to your favorite commands. This printable quick reference guide is yours to use, distribute, and share! Click here to download this guide now! Note: this guide is free, but registration is required; after that, you can select more ebooks and videos for download without registering again. If you have questions / problems with the registration form, please read this.