Spam

Spear Phishing what is it and how to protect yourself from it

As techtarget.com puts it : 

Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. Spear phishing attempts are not typically initiated by "random hackers" but are more likely to be conducted by perpetrators out for financial gain

How is this done

We have seen a few cases of this usually in the following order :

1) Attacker uses publically available resources e.g. Social Sites , company websites to get a name and email for a financial controller as well as the managing director of the company

2) Attacker uses a third party email server to fake [email protected] email and sends the below email to [email protected]. Attacker could also try emailing from [email protected] ( notice the ltd the end! ) 

Hey financecontrollername,
I'm in the middle of a meeting , not available on the cell phone , but need this actioned NOW please transfer $$$$$ to this bank account let me know when done
managingdirectorname

Attacker also tries to send emails to financecontrollername saying 'Hey are you there ?'

3) financecontrollername sends the money and emails managingdirectorname when done , only to find out managingdirectorname never asked for this transfer

How to protect yourself from this

1) Careful what information you have publically available such as emails as it can be used against you. Also be careful emailing people you don't know , the attacker copies your signature to validate the email as best as possible

2) Get your IT provider to use SPF Records along with DKIM records to either put all the emails from your organisation that are from unknown senders into SPAM , or mark the Subject as SPAM so the end user knows to be wary. This can be done with Spam Filters and Exchange

3) Financial Controllers should always speak to MD's when unsure of moving money around , better to be safe than sorry as they say!

If you have already been effected

Speak to your local Police by dialling 101, and report it.

Speak to your bank, there is a 24 hour window where bank transfers can be halted, speak to them as soon as possible

SPAM - why do they bother?

I read an interesting article today on spammers and the success rates for junk email.

Apparently the hit rate for spam is one in every 12.5 million emails sent!  

Not a great return you would think but when you are sending Billions of emails every day, you can actually make yourself very rich very quickly.  To do this the researcher took control of a Bot Net (a group of PC’s that have been taken over by spammers) and ran a trial sending out messages.  They also created Pharmacy site so any dumb individuals who took up the offer could pay for the product.

While running their spam campaigns the researchers sent about 469 million junk e-mail messages. The majority of these were for the dodgy pharmacy campaign.

After 26 days and almost 400 million email messages, 30 sales resulted.

 However when you scale this up to billions of emails sent every day you can see sildenafil the sales figures will increase rapidly. 

We have been dealing with this junk email problem for some time for customers and have tried a number of solutions.  We started with GFI Antispam and then moved to Kaspersky Antispam but found them a pain to administer and not very accurate.  They also slowed down servers and created havoc with internet connections as so much traffic was being sent to the servers. 

We also had issues with the blacklisting of IP addresses and reverse DNS lookup.  Eventually we found a service new from Microsoft called Exchange Hosted Services, it’s basically the same service offered by Messagelabs but for considerably less and without the onerous contract terms (they always want 3 years!).   

This has been a god send, we don’t get any problems with the service, it’s quick to setup, never goes wrong and is hosted offsite so we have no relay or Internet performance issues.  It’s also cheap at £2 per user per month with no contract!