
The FBI has issued a press release warning Internet users of a spear-phishing e-mail pretending to be from the US National Centre for Missing and Exploited Children.
Titled "Search for Missing Children", the e-mail contains a zip file with three pieces of malware inside.
The bureau's US-CERT advised users to treat all unsolicited e-mails with caution. It also advised organisations to monitor for any anomalous e-mail activity, particularly in the lead-up to significant events.
It added that educating staff about social engineering and phishing is key, and said companies should also monitor their networks for unusual activity levels to more easily identify changes in patterns that could be a sign that an intruder is on the network or that data is being exfiltrated.
When considering any mitigation strategies, the FBI said organisations must ask themselves two questions. Firstly, what the current and future consequences would be if proprietary data, personally identifiable information, research and development-related data, e-mail, or other critical information were stolen.
Secondly, whether the business has evaluated its data critically based on risk, and established what data needs to be protected.
Simon Campbell-Young, MD of Phoenix Software, says: "Even if e-mails appear to be from a trusted source, think twice. Consider for a second whether you would be a likely candidate to receive mails from an organisation such as the National Centre for Missing and Exploited Children."
He says spear-phishing targets specific companies, as opposed to the opportunistic approach used by general phishing scams. It is a means of gaining access to a specific company's network, usually to find and exfiltrate data, whether it is intellectual property, financial details or trade secrets.
"All spear-phishing e-mails will appear to be from a trusted source, such as a bank, or financial institution - or a Web site with a large number of members such as PayPal."
According to Campbell-Young, although most people have learned to be wary of common phishing attacks, which are a dime a dozen these days, spear-phishing is a different story.
"Spear-phishing has proven successful because these mails not only appear to be from a known source, they always contain information that makes them appear genuine, and the requests to their targets are realistic and reasonable."


