[ISN] DHS warns of spear-phishing campaign against energy companies

https://www.computerworld.com/s/article/9238190/DHS_warns_of_spear_phishing_campaign_against_energy_companies By Jaikumar Vijayan Computerworld April 5, 2013 The Department of Homeland Security (DHS) has a warning for organizations that post a lot of business and personal information on public web pages and social media sites: Don’t do it. Phishers, the agency said in an alert this week, look for such information and use it to craft authentic looking emails aimed at fooling people in large organizations into opening and downloading things they shouldn’t. The alert was prompted by an incident last October in which 11 companies in the energy sector were targeted in a sophisticated spear-phishing campaign apparently aimed at breaching their network security. The phishing campaign was made possible to a large extent by information posted publicly by an energy company listing attendees at a recent conference. The employee names, email addresses, organizational affiliations and work titles so helpfully posted by the company was used by spear-phishers to launch customized attacks against energy sector companies. […] ______________________________________________ Attend #HITB2013AMS April 8th – 11th in Amsterdam. Featuring over 42 international speakers and keynotes by Bob Lord and Edward Schwartz http://conference.hitb.org