Source: The New York TimesLast week thousands of high-ranking executives across the US received e-mail messages that appeared to be official subpoenas from the United States District Court in San Diego. Each message included the executive’s name, company and phone number, and commands the recipient to appear before a grand jury in a civil case.
A link embedded in the message purported to offer a copy of the entire subpoena. But a recipient who tries to view the document unwittingly downloads and installs software that secretly records keystrokes and sends the data to a remote computer over the Internet. This lets the criminals capture passwords and other personal or corporate information.
Another piece of the software allows the computer to be controlled remotely. According to researchers who have analyzed the downloaded file, less than 40 percent of commercial antivirus programs were able to recognize and intercept the attack.
Contact David for more information on how ARC Training can provide your staff with information security threat and countermeasures awareness training.
