 | Anti
Virus
Yellow Pages |
Spear-Phishing
on the rise by Sharon Terdeman, PC Magazine, Pg. 68, October 18, 2005
issue plus
a note from the IRS February 8, 2006...
As
if there weren't enough threats to have to watch out for, a variation
on phishing that targets employees at specific organizations merits
notice.
Known as spear-phishing, this social-engineering technique
spoofs the
e-mail address of the sender so that the message seems to come from the
same domain as the target. The message appears to be sent by a known,
trusted person from perhaps the IT or human-resources department -- or
even by a top executive of the company -- and it tries to pry passwords
or other sensitive information out of employees.
According to security company Message-Labs' June report, such
techniques are on the rise and are also being used to deliver malware.
As with more familiar phishing scams, spear-phishing e-mails
may also
include links to bogus web sites.
[Italics are ours]: This
is
another form of identity theft to be aware of...
Addendum
2-8-06:
The IRS has urged taxpayers not to fall for phishing, a technique that
identity thieves use to get personal financial data from unsuspecting
victims. The thieves may pose as an IRS official and send an e-mail
asking for personal financial information. The IRS does NOT
send taxpayers e-mails.