LAWMAKERS TARGETED BY CYBER ATTACK …
The Federal Bureau of Investigation (FBI) is warning members of the U.S. Senate and State Senates across the country of a “spear phishing” threat allegedly targeting their professional and personal email accounts.
“We have reason to believe members of the US Senate, State Senates, and other elected legislative officials may have been or will be targeted, in the near term, by a spear phish campaign,” an FBI flash advisory issued late last week revealed. “FBI has observed unattributed cyber actors, suspected to be state sponsored, performing research on members of the US Senate as well as members of the State Senates. This activity is typically a precursor to a spear phish attack.”
Wait … what the heck is a “spear phish attack?”
“It’s an email that sends you a link to a site that looks legit – like the real Bank of America site – but instead it’s a fake site and they get your password and other info and steal from you,” technology expert Karl Steinborn explained to FITS.
Ahhh …
According to the FBI, “as of 13 August 2014, some of the spear phish emails to State Senators have already been sent” as part of an “advanced threat.”
South Carolina lawmakers were notified of the threat by Gigi Brickle, executive director of the S.C. General Assembly’s legislative services agency (LSA).
“Please read the following FBI alert and take the necessary precautions,” Brickle wrote in an email to lawmakers.
Hmmmmm …
Ordinarily we’d feel sorry for the “victims” of something like this, but given the deception these politicians employ on a daily basis to steal from us there’s a certain poetic justice associated with people using deception to steal from them.
Bleed ’em dry, we say …
10 comments
Most of them are old people that click on every link/attachment they get in their email and then tell the IT guy, “I don’t know what I did!”
So glad that IT isn’t my career…I think I’d end up going postal.
Can you imagine being the IT guy at your local post office?
How do we know that the FBI flash advisory link above is not a spear phish link?
Click on it and let us know.
“…Wait … what the heck is a “spear phish attack?”
“It’s an email that sends you a link to a site that looks legit – like the real Bank of America site – but instead it’s a fake site and they get your password and other info and steal from you,” technology expert Karl Steinborn explained to FITS….”
Actually Will, a spear fish attack is a little more insidious than that, from Computer World: “…similar to regular phishing scams in that they try to lure victims into sharing confidential data or downloading Trojan horse programs….spear phishing is far more targeted, and the e-mails are much more customized than regular phishing missives.
Spear fish attacks are generally targeted at a specific group of people rather than the world at large, they are often launched using stolen email lists from professional or social organizations. Because they are so targeted the smaller number of emails often doesn’t prompt the general warnings you will see on other e-scams. Always check the URL of any link before you click on it, if you’re not sure, call the organization from their published number vice a phone number on the email.
Dear Congresscritter,
Please allow me to introduce myself. I am Tonto “Bantu” Goldstein, Director of the Official Nigerian National Democratic Foriegn Political Cas Disbursment Bureau. Certain monied Nigerian inyerests are desorous of making large cash co
10+ ..
lol…brilliant…love the purposeful spelling of “desorous” too…all the little nuances are there.
He did, however, leave out the “God bless” ending…
You realize “state sponsored” means hostile foreign governments? Do you really want the Chinese reading our tariff negotiating strategies before the deal is struck? “Bleed them dry” will bleed you wallet too.