Sophisticated Phishing

by. Nicole Reyes

In previous posts, I explained how fraudsters are right now honing their phishing skills in preparation for the U.S. migration to EMV cards, which will make counterfeiting cards nearly impossible.

A recent interview with researcher Kurt Baumgartner, of Kaspersky Lab, shows how phishing attacks are becoming more sophisticated. Baumgartner explains how Spearphishing (a highly targeted form of phishing) has now gone mobile.

Kaspersky Lab discovered a spearphishing attack that relies on a Trojan and targets mobile devices specifically. While this particular attack was contained, it just goes to show how far fraudsters are willing to go to steal information.

Baumgartner emphasizes the importance of being careful about what we share on social media sites like Facebook or Twitter. He points out in an interview with BankInfoSecurity that social media provides attackers with a “gold mine of information,” so fraudsters can be more convincing when they masquerade as the “friends” of employees with company login credentials and other access codes. Armed with personal information, the criminals are better able to convince spearphishing vicitms to open attachments, releasing malware right into the secure system they are looking to breach.

continue reading »