Recently one of my corporate customers weathered an email spear phishing attack. An administrative assistant received an email purportedly from the CEO, but the details were a bit off. The assistant questioned a fact implicit in the email, that the CEO would have known. The assistant called me to investigate, and investigate I did! It turns out the email only appeared to be from the CEO. It actually was from a criminal masquerading as the CEO using a purposely similar email address. Here is an example to illustrate this technique. Suppose you normally email bill@microsoft.com. One day you get an email from bill@microosoft.com asking you for confidential...
Read More
Recent Comments