Are Your Key Employees Being Targeted By Hackers?

Recently, a group of suspected Iranian hackers used Facebook and LinkedIn to plant bogus profiles of attractive women and created a fake online news organization to get digitally closer to a couple of thousand people that the group wanted to spy on.

Once they had successfully befriended their targets through these fake profiles, the targets were emailed malicious links designed primarily to steal email account credentials. 

Supposedly, the hackers' activity is consistent with government-sponsored espionage campaigns. Of those targeted, most were U.S. military members, U.S. lawmakers, and journalists based in Washington, D.C., Israeli defense contractors, and lobbyists for Israel. It is believed the hackers primarily wanted to obtain intellectual property or other sensitive information that would somehow benefit Iran.

The campaign, which started around 2011, is noted for its low-tech but effective social-engineering methods. In most of these cases, the hackers slowly bolstered fake but credible-looking online personas on social networks, using profile photos, often of attractive women, that were copied from random photos obtained from other online sources.

Credentials from those profiles were used to befriend associates of the real target, who was eventually approached online. The victims were usually receptive to the social media invitations after seeing that the fake persona was already connected with various existing friends.

Although this particular group used some malware in their attack, its primary method for compromising victims was simply tricking them into divulging login credentials for various Web-based services.

The attackers would eventually approach their target, using a message with a link to YouTube. A victim would first be directed to a fake Gmail login page in an attempt to gather the person’s credentials, before being redirected to the video. In other instances, the attackers spoofed the Web-based login page for corporate email systems.
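The sequence described above (credentials submitted to a look-alike login page, then a hand-off to the real video) leaves a recognizable trace in web proxy logs. The following is an added example, not part of the original article: the log format, host names, trusted-host list and 60-second window are all assumptions, and the log lines are constructed.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Assumptions: hosts where staff legitimately enter passwords, and video hosts.
TRUSTED_LOGIN_HOSTS = {"accounts.google.com", "mail.example-corp.test"}
VIDEO_HOSTS = {"youtube.com", "www.youtube.com", "youtu.be"}
WINDOW = timedelta(seconds=60)

# Constructed proxy log: timestamp user method url status redirect-target
SAMPLE_LOG = """\
2014-06-02T09:14:03 alice GET http://gmail-signin.example.test/ServiceLogin 200 -
2014-06-02T09:14:21 alice POST http://gmail-signin.example.test/ServiceLogin 302 https://www.youtube.com/watch?v=CONSTRUCTED
2014-06-02T09:15:40 bob POST https://accounts.google.com/ServiceLogin 302 https://www.youtube.com/
2014-06-02T09:16:02 carol POST http://forum.example.test/reply 302 http://forum.example.test/thread/7
2014-06-02T09:17:05 dave POST http://webmail-login.example.test/owa/auth 200 -
2014-06-02T09:17:25 dave GET https://www.youtube.com/watch?v=CONSTRUCTED 200 -
2014-06-02T09:30:00 carol GET https://www.youtube.com/ 200 -
"""

def host(url):
    """Lower-cased host name of a URL, or '' when the field is '-'."""
    return (urlsplit(url).hostname or "").lower()

def find_harvest_then_redirect(log_text):
    """Return (user, login_host) pairs where a form POST to an untrusted host
    is followed, directly or within WINDOW, by a visit to a video site."""
    pending = {}  # user -> (time, host) of the last POST to an untrusted host
    hits = []
    for line in filter(str.strip, log_text.splitlines()):
        ts, user, method, url, status, location = line.split()
        ts, h = datetime.fromisoformat(ts), host(url)
        if method == "POST" and h not in TRUSTED_LOGIN_HOSTS:
            if status.startswith("3") and host(location) in VIDEO_HOSTS:
                hits.append((user, h))       # POST answered with a redirect to the video
            else:
                pending[user] = (ts, h)      # remember it and watch what follows
        elif h in VIDEO_HOSTS and user in pending:
            t0, login_host = pending.pop(user)
            if ts - t0 <= WINDOW:            # video request shortly after the POST
                hits.append((user, login_host))
    return hits

if __name__ == "__main__":
    for user, login_host in find_harvest_then_redirect(SAMPLE_LOG):
        print(f"review: {user} submitted a form to {login_host} before a video redirect")
```

A hit means the account's password should be treated as exposed until the login host is confirmed legitimate.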

The same approach could just as easily be used by a disgruntled former employee, a business competitor, or any person or group intent on accessing your protected systems to steal such things as credit card data, customer information, or financial accounting data.

One recent example of this sort of social-engineering approach is the CryptoLocker malware.

Most of the above attack vectors have a greater chance of success if the systems being attacked do not have updated security service packs or current anti-virus and anti-malware software installed.

If you would like to schedule a security review of your various systems, please contact the CCS Retail Systems Support Department.

– John
