Spear Phishing

June 4, 2011 by USA Post 

Spear PhishingSpear Phishing, Security researchers say that spear phishing attacks against Gmail users high profile may have spread to Hotmail and Yahoo (NSDQ: YHOO) mail services, although it remains uncertain whether the attack originating in China, was sponsored by the State.

Google (NSDQ: GOOG) revealed this week that hundreds of Gmail users, including military personnel, senior U.S. government, China political activists, South Korean officials and journalists, came under attack sophisticated spear phishing, which seems to come from Jinan, China, trying to infiltrate your e-mail accounts and monitor communications.

The attackers were able to hijack user accounts by using social engineering scams that brought victims to click on links that redirected to fake sites to access Gmail. In fact, hackers to trick users to send passwords created the false entry sites.

Gmail spear phishing attacks continue nearly two months after Google reported that the attackers were exploiting a publicly reported vulnerability MHTML against journalists and political activists who use their services.

The independent security researcher Greg Walton reported that Gmail exploit the vulnerability, which affects users running Internet Explorer, was against journalists and political activists, with a multiplication spread the message of “phishing” on Facebook.

Recently, Trend Micro researchers discovered that Hotmail and Yahoo Mail was the victim of similar phishing attacks, although it is unclear whether the attacks were related to affect Gmail.

During the attack on Hotmail, users are subjected to a phishing email pretending to be the Facebook security team. Users are infected with malware simply by opening the email, no need to click on a malicious link.

Also, Yahoo Mail users were also targeted by an attack that users attempted coup cookies “in order to access their email accounts. During the attack, miscreants Yahoo Mail users sent an e-mail that contains two annexes, one that is a malicious document and the other a faulty script exploit cross-site, ultimately making the unsuccessful attack.

Nart Villeneuve, Trend Micro threat researcher, said in a blog that the series of attacks against various email services indicate that attackers are finding new ways and increasingly sophisticated to infiltrate the user accounts and access Web mail your information.

“These facts show that, in addition to attacks targeting users into opening malicious attachments, usually PDF files. DOC, attackers are also trying to exploit vulnerabilities in popular web mail service to endangering the Web mail accounts, to monitor communications and obtain information to stage further attacks, “he said.

Mike Paquette, chief strategy officer in the upper layer, said although the reasons remain phishing and identity theft of intellectual property, and political activism, the recent Gmail and other webmail attacks indicate the growing trend of phishing each automated complex and users become smarter tactics of the authors.

“Phishing attacks are becoming more specific and use the context of relevant targets to attract beneficiaries in the provision of information,” said Paquette. “Phishing attacks requiring less user intervention. In fact, today, many of these attacks are not directly asking users to disclose confidential information, but depend to entice the user to click a hyperlink, the launch of its Web browser to a malicious Web site that are operated remotely your computer, simply by depositing malware to steal sensitive information and get it. “

Report to Team

Please feel free to send if you have any questions regarding this post , you can contact on

Disclaimer: The views expressed on this site are that of the authors and not necessarily that of U.S.S.POST.


Comments are closed.