Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« Advance-Fee Scam Using Coca-Cola Brand | Main | Pathetic Bank of America/AOL Mule Recruitment »

April 04, 2011

Phishing Phield Day Ahead

Those of us who keep an eye on internet spamming and scamming are shaking our heads in disbelief at the revelation of a major theft of an email provider's database. The company, Epsilon, manages customer mailings for a large number of large corporations, almost all of whose names you'd recognize in an instant. The list includes many giant financial institutions, as well as companies where you conduct online commerce.

So far, 35 companies' customer email lists have been reportedly stolen. In theory, the information includes both the email address and name of the person. It's one thing to have just your email address find its way into the spam economy, but if a crook knows:

  • Your email address
  • Your name
  • That you have done business with Company X

then it's less than an hour's programming to devise an ultra-convincing phishing scam that targets customers of Company X by name. Instead of starting the scam email message with "Dear Member" or "Dear Customer" as they usually do, it will begin with "Dear Danny Goodman" or whatever name you have on file with that vendor. Not only that, but the scammers will now be very efficient in their phishing attempts because they won't be wasting millions of messages on random email addresses hoping to find a match for a customer of the phished company.

In fact, it wouldn't surprise me if the phishers use the Epsilon breach as a premise in their phishing emails: "You've probably read about the email address theft of our accounts, so please, Danny Goodman, verify your Company X account by clicking this link within the next 24 hours or we will permanently close your account with us."

For more about the potential implications of the Epsilon theft and a list of known companies whose lists were lifted, see Brian Krebs' blog posting.

This event may be the email equivalent of the Great Train Robbery.

Posted on April 04, 2011 at 10:57 AM