Whaling attacks: Taking phishing attacks to the next.
Reviewing all uses of the whale's accounts. News Tags, adobe (272 anonymous (335 apple (769 backdoor (350 bank (846). Google (1,144 government (4,780 hacker (4,852 headline (12,973 malware (1,523 microsoft (1,347) NSA (620) Password (432) Patch (610) Phish (231) Phone (1,314) Privacy (2,957) Russia (594) Scam (269) Science (339) Social (253) Space (212) Spam (362) Spyware (919) Terror (299) Trojan (271) Twitter (265) USA. Bootnote, while public debate on whether or not Communications Minister Stephen Conroy will be able to bring in legislation to support his great firewall project before the next election, a reader writes to suggest it really doesn't matter. The latter include new obligations on both ISPs and end-users to keep the net free from viruses. Apparently all browsers are susceptible to this including Chrome, Firefox, Internet Explorer and Opera (on Windows XP anyway). Companies targeting whales as customers may want to keep these types of attacks in mind so they are not used to attack the whale itself. The report also came up with a series of some 34 recommendations that ranged from the banal - the Australian Communications Department should publicise the issues more widely and support the development of community-wide IT literacy training that includes cyber security to the slightly more. These individuals typically have the least amount of time available to attend security awareness training, so only include applicable targeted antiphishing security controls in your trainings. The government just bought the AU last mile from Telstra and as part of the deal requires Telstra to "retire" their existing copper loop. The report - entitled, hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime (pdf) - is a 260-page opus, published this week and compiled under the chairmanship of Ms Belinda Neal. It could even extend into targeted localized attacks on online banking systems. Viruses account for 24 percent of all malware on the web. Data loss (2,315 doS (379 email (351 facebook (543 fBI (322 flaw (2,656 fraud (1,491). (All questions are anonymous.).
Continue Reading, have a question for an expert? The use of Tabnapping, the recently-identified phishing technique, is on the rise, says Panda Labs. According to Pandas latest Quarterly Report on IT Threats, the technique is likely to be employed by more and more cybercriminals and users should close all tabs they are not actively using. Researchers at Trend Micro found a new strain of malware - dubbed FacexWorm - that targets users via a malicious Chrome extension. While standard enterprise protections against phishing should already be in place in your enterprise, you may wish to target them toward your high-profile end users specifically. What is a whaling attack and are there specific actions an enterprise should take to defend against it? Panda also revealed attacks on social networks, fake antivirus software and poisoned links in search engines continued to be popular techniques used by cyber criminals. Using the recent history disclosure bug in most browsers, sneaky attackers could actually scan a users browser to confirm which sites a user has visited then create the tabnapping site according to that reinforcing its effectiveness. PC Advisor article here. The security firm said Taiwan had the most number of infection, with just over 50 percent of all global malware infections happening in the country, while Russia and Turkey came close behind. Last updated: September 9, 2015 9,804 views. These conclusions were based on evidence that the Committee heard, to the effect that Australian consumers (and businesses) were being targeted by cyber criminals as never before, with a total cost to Australian business as high as 649m a year. Whaling attacks are a sub-type of phishing attacks. The committee were also told that increasing internet speeds were likely to make the situation worse. If someone were to use pretexting to socially engineer a password reset for Paris Hilton's smartphone, the phisher could easily gain access again to whatever sensitive data she had saved on the device.
The aim of the phisher is to attack that tender spot. Login credential security: How to defend against tabnapping.
Whaling attacks are becoming more common.