Posted by:
admin
15 years, 3 months ago
I have (just last post :) suggested before that the first systems to get true two-factor authentication will be the high-value brokerage and commercial accounts, pointing to Online Banking Solutions as being ahead of the curve in protecting their customers' customers.
This is a simple view: robbers go where the money is. In truth, they go where the money is the easiest to get given the tools at their disposal. So, it should come as no surprise that phishers are making use of existing online knowledge to target attacks at wealthier targets (and that the security industry would respond with a cutesy moniker):
The practice of targeting specific organizations or users with false messages ("spear phishing") isn't new. But with practice, phishers are getting better at researching their targets to find the wealthiest and most influential people online -- a practice sometimes called "whaling." And now, they also are using that research to social-engineer messages that are hard to ignore.
My guess is that are getting detailed information from a legitimate source, such as a resume on a job finder site or via a business-oriented social network, such as LinkedIn. Obviously, if someone is a high-level executive they are probably a ripe target - but you will have to make the phish look better that the typical spam phish email:
"For example, we've seen messages recently that not only call the user by name, but make reference to specific pieces of real estate that the individual owns," says Andres Kohn, vice president of product management at Proofpoint, which researches spam and phishing attacks in support of its messaging security tools.
My guess is that they are guessing about home ownership. Real estate records are public, so they could be using them, but I think it is easier to find an address from a good resume and assume ownership.
Share on Twitter Share on FacebookRecent Posts
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
- WiKID Android tokens had their data deleted over the weekend by Google Chrome bug
Archive
2024
- January (1)
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)