Re: [Pauldotcom] Interesting spear fishing type attack

Wed, 10 Mar 2010 06:29:37 -0800 

Chris,

I'm wondering if you have more info. on this type of attack or if it's been 
written up anywhere, as I've seen what appears to be a familiar situation a 
couple times in recent weeks.

I had assumed that it was just some clever script-hijack of the user's webmail 
session that automatically sent (in my observation, just a URL, that's it) 
something to everyone in the webmail user's address book.  I would have a hard 
time believing that the user's password was stolen and that's the best they 
could do after owning someone's email account.

In both cases, I did recommend the user change their webmail password to be 
safe.

PJ

Date: Tue, 9 Mar 2010 12:39:22 -0600
From: [email protected]
To: [email protected]
Subject: Re: [Pauldotcom] Interesting spear fishing type attack

I've seen this before - it's generally not spear phishing though. What I've 
seen happen is that a person's webmail account gets owned, and the attacker 
uses the account to send that story to everyone in their address book.


They're really good, in some cases - I had an acquaintance who did business in 
Laos and Malaysia, and when I got that same email, I really had to think it 
through before I trashed it - the email claimed they had been traveling in that 
area and gotten mugged. 


- Chris

On Tue, Mar 9, 2010 at 9:39 AM, PJ Velasco <[email protected]> wrote:

One of the guys I work with got an email from a person he used to know

real well years ago.  The email claimed that the person was stuck in

the UK and needed money to come back home to the states.  I thought

this was an interesting angle.  Identify and research your target (as

usual), but instead of looking for current group memberships or

vendors you search classmates.com or other reunion type social

networking sites and craft an email using someone they used to go to

school with.  Obviously this did not work on my coworker, but I

thought the list would find it interesting.

_______________________________________________

Pauldotcom mailing list

[email protected]

http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom

Main Web Site: http://pauldotcom.com



-- 
- Chris Merkel
                                          
_________________________________________________________________
Hotmail: Trusted email with Microsoft’s powerful SPAM protection.
http://clk.atdmt.com/GBL/go/201469226/direct/01/
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Reply via email to