WSJ And NY Times Victims Of Spearphishing

Friday, February 01, 2013 15:28
edit
WSJ And NY Times Victims Of Spearphishing

Tags: New York Times | spearphishing | Wall Street Journal | WSJ

The New York Times and Wall Street Journal are just the latest victims in a nasty scam cybercriminals are using to get inside a company’s network.

This Website Is For Financial Professionals Only


 

Hackers from out of China have managed to get inside the computer systems of the Wall Street Journal and New York Times.  The hackers were able to get the passwords of 53 employees, gaining them access to the employees’ personal computers, through a tactic known as spearphising.

 

The spearphising tactic is started when the cybercriminal sends an email to either a single user or a department within a company.  These emails typically appear to come from a trusted source within the company such as the human resources department and will contain a bogus link or attachment that once clicked on or opened will automatically install malicious software.  The cybercriminal now has access to all of your sensitive data and is able to use that to get accessibility to all of the sensitive data within your company.

 

Protect yourself from falling victim to a spearfishing scam:

 

1.  Don’t click on the link.  Hover over the link in the email to see the web address the link is directing you to.  If the web address is not matching up to what the link says don’t click on it.  Instead of clicking on the link from the email type the URL address into the web browser.   

 

2.  Antivirus.  Make sure that you have an up-to-date antivirus on your computer.

 

3.  Use a password management tool.  A tool like RoboForm automatically stores your login credentials and will automatically fill them in only at the correct web site and not a fraudulent one.

 

Read more on the attack at The New York Times and Wall Street Journal:

http://abcnews.go.com/Blotter/york-times-alleges-chinese-hack-attack/story?id=18365205

 

Read more about spearfishing:

http://www.mandiant.com/threat-landscape/anatomy-of-an-attack/

 

http://www.esecurityplanet.com/network-security/how-to-prevent-spear-phishing-attacks.html

Comments (0)

Write comment

You must be logged in to post a comment. Please register if you do not have an account yet.

busy