Phishers who got hold of internal email lists and addressed users by their first name were able to install keyloggers on 60 internal machines at an unnamed bank by tricking people into following a link in a very realistic phish, according to CSO Online.
The use of harvested internal email addresses to make phishes more believable to targeted, named users has been on the rise for several months, according to my sources at Trend Micro. This is troubling because users who are addressed personally are more likely to open mails and click links.
More troubling, to me anyway, is that the phishers pose as a journalist to get users to click in response; the click is what delivers the keystroke logger.
According to the CSO article, the phishers posed as a journalist with the Financial News, "I am a reporter for Finance News doing a follow up story on the recent leak of customer records from [the bank’s name]. I saw your name come up in the article from Central News and would like to interview you for a follow-up piece."
A search on the reporter's name and magazine association showed the name was fictitious. But what if the phishers get smarter and use a real journalist's name? What if, for example, they used my name, linked to my site, and told the target that I had found a huge security hole in their computer, "please click here so we can follow up on it"?
Thanks, Tom Parish, for showing me this story.