The DefenseTech.org blog has a great post about the phishing emails from China that were used to penetrate the U.S. State Department.
There is a good lesson here. If you follow the link to the post "you’ll see a screen grab showing what’s apparently the text of one of the phony phishing emails sent to senior U.S. government officials’ Gmail, Hotmail and Yahoo mail accounts by hackers in China." They were very well done! Very legitimate looking! It would be hard to blame the user in a small corporate environment for getting fooled.
("What Those Chinese Phishing Emails Look Like" defensetech.org)
Here is the moral of the story:
- Do Not open attachments from unknown or unverified sources!
If you are not sure who it is from, or if it is legitimate:
- forward the message (don't reply) to the supposed sender after removing any attachments, and ask them if they really sent it.
- or pick of that old tech, the phone, and call the supposed sender and ask them.
Don't take the bait!
More:
Cyber-Attacks on Gmail, Defense Industries Linked to China: Investigators
No comments:
Post a Comment