Robert Hensing's Blog

Software Security . . . and stuff.

Yes Virginia, they really are out to get you . . . (Spear phishing for fun and profit)

Yes Virginia, they really are out to get you . . . (Spear phishing for fun and profit)

  • Comments 1
  • Likes

Not content to let the Chinese dominate the attachment based espionage game . . . it looks like the Russians are finally getting in on the act: http://www.first.org/newsroom/globalsecurity/157668.html
I think it's pretty awesome that MessageLabs has the capability to detect and block these types of attacks.
This looks like the full link to where you can download the report: http://www.messagelabs.com/intelligence.aspx, direct link to the PDF here: http://www.messagelabs.com/mlireport/MLI_Report_September_Q3_2007.pdf

It appears that the Word documents are actually just RTF files that contain an embedded .SCR file (which is an executable file type) and the Word document when opened just shows the embedded RTF file with a filename designed to socially engineer the user into launching it.  It doesn't appear that any exploits are being used here - just good old fashioned social engineering.

Comments
Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment