[Fed-Talk] Another Head up: Spearphishing with Mac trojans
[Fed-Talk] Another Head up: Spearphishing with Mac trojans
- Subject: [Fed-Talk] Another Head up: Spearphishing with Mac trojans
- From: "Disiena, Ridley J. (GRC-VO00)[DB Consulting Group, Inc.]" <email@hidden>
- Date: Thu, 02 Jun 2011 09:37:18 -0500
- Acceptlanguage: en-US
- Thread-topic: Another Head up: Spearphishing with Mac trojans
Just another FYI, while it was not sent via the list, the same fake gmail account that sent the other spearfishing to this list, appears to also have sent direct messages prior to that attack attempt.
My guess is they poached the mailing list archives for email addresses, sent direct messages to users on the list. All it probably took was one member account to be compromised and then they switched to that membership to the fake gmail account then posted to the list. Here is the message info.
Subject: "SCM SCR3500 Smart Card Reader-Mac OS X"
Body: "I am very pleased to announce the SCM SCR3500 Smart Card Reader is available on both the Apple Online Store (US) as well as from your Apple Sales Team."....
Attached is payload also is an app made to look like a media file of some sort, but it is a package. Please warn your IT Security as appropriate. Stay vigilant out there!
-Ridley
Ridley DiSiena CISSP NASA Emerging Technology and Desktop Standards
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden