Phishing Campaign Targets U.S. Gov't Employees
United States government employees are being told to avoid placing too much personal information on social media sites or other public pages. Phishers recently used that sort of data to target public workers in the energy sector.
A phishing campaign involves using fake forms and websites to lure victims into providing sensitive personal information, from names and addresses to credit card data.
Conference List Used for Email Attacks
According to reports, phishers used a public list of conference attendees to attack public energy sector workers. The conference list provided the phishers with names, email addresses, organizational affiliations, and even job titles.
The hackers then used this information to construct a highly specific phishing campaign. This involved malicious emails sent to people who attended the conference.
The phishers used the list information to pose as a conference attendee and send emails requesting recipients click on an attached link. That link took victims to a site that installed malware on their computers.
The good news: it doesn't appear anyone fell for the trap. "Luckily no known infections or intrusions occurred," noted the Department of Homeland Security (DHS) in a recent statement. (Source: pcworld.com)
DHS Warns Against Posting Personal Data Online
To prevent similar strategies from working in the future, the DHS is warning all public sector employees to take care with the information they post online.
"Publicly accessibly information commonly found on social media, as well as professional organization and industry conference Web sites is a recognized resource for attackers performing reconnaissance activities," the DHS noted in its recent Industrial Control Systems Computer Emergency Response Team (ICS-CERT) report. (Source: gsnmagazine.com)
The DHS hopes that not only will public employees limit the amount of information they post to the web in the future, but that they'll contact web sites that have posted personal information about them in the past and have that data removed.
Of course, these are useful tips for everyone, and not just public employees. Remember that posting personal information online does provide hackers with the tools to target you in the future.
Free eBook: The Windows 7 Guide: From Newbies to Pros. In this 46 page guide you will be introduced to Windows 7 and what it has to offer. It will teach you about the new taskbar, how to resolve software compatibility issues, how to customize Windows Aero, and explain what the Windows 7 Libraries are all about. Also included: a detailed list of what software is included in Windows 7, and how easy networking is with Windows 7 along with other topics. The advice within this guide will help new users become acquainted with Windows 7 and can also help those who are on the fence about purchasing Windows 7 decide if it would be a good idea. Click here to download this eBook now! Note: this eBook is free, but registration is required; after that, you can select more ebooks and videos for download without registering again. If you have questions / problems with the registration form, please read this.