SCF Advanced Search

  • Total Members: 13889
  • Latest: loutlos
  • Total Posts: 40176
  • Total Topics: 14281
  • Online Today: 699
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)

Author Topic: Targeted E-Mail Attacks: The Bull's-Eye Is on You  (Read 2197 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • - Samker's Computer Forum
Targeted E-Mail Attacks: The Bull's-Eye Is on You
« on: 14. November 2008., 09:03:46 »

Far more dangerous than a normal e-mail attack, targeted attacks choose a particular person as the prospective victim and tailor their message to that recipient. Since their creators craft the messages carefully (with few spelling and grammatical errors, for example), these attacks lack tell-tale indicators and thus stand a far greater chance of snaring a victim.

A recent e-mail blast sent out to LinkedIn users followed this pattern. The e-mail, which appears to have come from and addresses LinkedIn members by name, purports to provide a requested list of exported business contacts. In reality, the attachment launches a malware assault against anyone who double-clicks it.

LinkedIn is mum on the question of how attackers managed to lift the contact information for the 10,000 users who received the targeted messages, but similar attacks against users last year relied on contact data stolen via a Trojan horse malware infection. Using attacks masquerading as messages from the Better Business Bureau and the Internal Revenue Service, scammers may have lifted names and business titles from profiles on social networking sites and even company Web sites. And a Hungarian site recently disclosed a Twitter vulnerability that allows anyone to type in a URL and see supposedly private messages.

Like nontargeted attacks, the tailored messages direct potential victims to open an attachment or to visit a Web site, which then launches an assault. Patrik Runald, chief security advisor with F-Secure, says that some attacks in the past directed users to visit a site that tried to install a malicious ActiveX control. The control was signed with a valid but stolen certificate to avoid the warnings about installing an unsigned ActiveX--another example of the sophisticated planning that goes into this type of con.

Runald says that targeted attacks--particularly those launched against high-profile targets such as military or defense contractors, government agencies, and certain nonprofit organizations (including groups concerned with Tibet and Darfur)--typically use Word documents, PowerPoint files, or PDFs as attachments. E-mail attachments have enjoyed a recent resurgence as attack vectors after falling into disfavor among crooks for some time.

As always, exercising caution is essential to protecting your system from poisoned e-mail links or attachments. Make it a habit to run suspect links past free online scanners such as LinkScanner at Another way to avoid being attacked by a booby-trapped attachment is to open it in a nonstandard program. For example, opening an attack PDF with FoxIt Reader instead of with Adobe Reader would likely neuter it--which is all the more reason to try out alternative applications.


Samker's Computer Forum -

Targeted E-Mail Attacks: The Bull's-Eye Is on You
« on: 14. November 2008., 09:03:46 »


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising