DCPolitics

Spear Phishing Congress? State Legislatures?

LAWMAKERS TARGETED BY CYBER ATTACK …  The Federal Bureau of Investigation (FBI) is warning members of the U.S. Senate and State Senates across the country of a “spear phishing” threat allegedly targeting their professional and personal email accounts. “We have reason to believe members of the US Senate, State Senates,…

LAWMAKERS TARGETED BY CYBER ATTACK … 

The Federal Bureau of Investigation (FBI) is warning members of the U.S. Senate and State Senates across the country of a “spear phishing” threat allegedly targeting their professional and personal email accounts.

“We have reason to believe members of the US Senate, State Senates, and other elected legislative officials may have been or will be targeted, in the near term, by a spear phish campaign,” an FBI flash advisory issued late last week revealed. “FBI has observed unattributed cyber actors, suspected to be state sponsored, performing research on members of the US Senate as well as members of the State Senates. This activity is typically a precursor to a spear phish attack.”

Wait … what the heck is a “spear phish attack?”

“It’s an email that sends you a link to a site that looks legit – like the real Bank of America site – but instead it’s a fake site and they get your password and other info and steal from you,” technology expert Karl Steinborn explained to FITS.

Ahhh …

According to the FBI, “as of 13 August 2014, some of the spear phish emails to State Senators have already been sent” as part of an “advanced threat.”

South Carolina lawmakers were notified of the threat by Gigi Brickle, executive director of the S.C. General Assembly’s legislative services agency (LSA).

“Please read the following FBI alert and take the necessary precautions,” Brickle wrote in an email to lawmakers.

Hmmmmm …

Ordinarily we’d feel sorry for the “victims” of something like this, but given the deception these politicians employ on a daily basis to steal from us there’s a certain poetic justice associated with people using deception to steal from them.

Bleed ’em dry, we say …

FBI FLASH ADVISORY (.pdf)

Related posts

Politics

Donald Trump And Lindsey Graham Spar Over Abortion

Dylan Nolan
Politics

Prioleau Alexander: We Did That!

E Prioleau Alexander
Politics

Sheriff’s Wife Running Unopposed After Filing For Husband’s Position

Andrew Fancher

10 comments

Luddites in legislature August 18, 2014 at 10:04 am

Most of them are old people that click on every link/attachment they get in their email and then tell the IT guy, “I don’t know what I did!”

So glad that IT isn’t my career…I think I’d end up going postal.

Reply
The Colonel August 18, 2014 at 11:17 am

Can you imagine being the IT guy at your local post office?

Reply
K.Mann August 18, 2014 at 10:52 am

How do we know that the FBI flash advisory link above is not a spear phish link?

Reply
Hello George August 18, 2014 at 11:25 am

Click on it and let us know.

Reply
The Colonel August 18, 2014 at 11:16 am

“…Wait … what the heck is a “spear phish attack?”

“It’s an email that sends you a link to a site that looks legit – like the real Bank of America site – but instead it’s a fake site and they get your password and other info and steal from you,” technology expert Karl Steinborn explained to FITS….”

Actually Will, a spear fish attack is a little more insidious than that, from Computer World: “…similar to regular phishing scams in that they try to lure victims into sharing confidential data or downloading Trojan horse programs….spear phishing is far more targeted, and the e-mails are much more customized than regular phishing missives.

Spear fish attacks are generally targeted at a specific group of people rather than the world at large, they are often launched using stolen email lists from professional or social organizations. Because they are so targeted the smaller number of emails often doesn’t prompt the general warnings you will see on other e-scams. Always check the URL of any link before you click on it, if you’re not sure, call the organization from their published number vice a phone number on the email.

Reply
TontoBubbaGoldstein August 18, 2014 at 11:38 am

Dear Congresscritter,
Please allow me to introduce myself. I am Tonto “Bantu” Goldstein, Director of the Official Nigerian National Democratic Foriegn Political Cas Disbursment Bureau. Certain monied Nigerian inyerests are desorous of making large cash co

Reply
shifty henry August 18, 2014 at 11:42 am

10+ ..

Reply
Playing poker in Nigeria August 18, 2014 at 11:59 am

lol…brilliant…love the purposeful spelling of “desorous” too…all the little nuances are there.

Reply
Beartrkkr August 18, 2014 at 6:54 pm

He did, however, leave out the “God bless” ending…

Reply
Granite Burner August 19, 2014 at 9:59 am

You realize “state sponsored” means hostile foreign governments? Do you really want the Chinese reading our tariff negotiating strategies before the deal is struck? “Bleed them dry” will bleed you wallet too.

Reply

Leave a Comment