Phony BBB email dupes more than 1,400 execs

A provider of online security services has uncovered a highly sophisticated phishing scheme that has already duped at least 1,400 US executives. They were fooled into sending sensitive information in response to an email purporting to come from officials at the Better Business Bureau. The ruse starts with an email addressed to …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward

    Why don't they attack congress(wo)men like this...

    Maybe if our (USA) lawmakers get attacked and nasty details are published, it MIGHT (sometimes I doubt it though!) get some action. Unfortunately most lawmakers don't directly read their email as it is probably all printed out for them.

    For those in the UK, s/congressman/MP/ .

    Of course, a good secondary target might be executives at the Direct Mail Marketing Association.

    In the meantime, we can only hope that someone will "get a clue".

  2. Anonymous Coward

    Something Fishy

    Just how did reverse engineering the browser's helper object let Joe Stewart know that 1400 execs had taken the bait?

    And why am I now reluctant to click on his company's link?

  3. Anonymous Coward

    Nice to see...

    that browser helper objects are still loaded by default. The functionality can be disabled. During my time in the internet security field, I came up with a proof of concept which showed exactly how a BHO might do this exact thing. Kind of strange to see it popping up in the wild some 6 years later. We informed MS at the time that it was a massive security risk. Especially given the rapid popularity online banking was gaining. Everything changes, but of course, nothing changes.

  4. Keith Turner

    You'd have thought they'd known by now

    Yet another ruse that targets IE.

    One wonders how M$ can carry on so much about 'security' when their browser continues to be as secure as a wet paper bag.

    When will the corporates grow up?

  5. Anonymous Coward

    "something fishy" can you read?

    Reverse engineering led to finding a website, finding this website led to the discovery of data for 1400 execs. So what's fishy about that?

  6. Dillon Pyron

    Congress critters?

    Why target our lawmakers (Congress, MPs, etc)? They were looking for information of value, not the stuff that goes into laws. That's useless, even more so once it gets published.

    Now lobbyists. I'd pay for that information.

  7. Anonymous Coward

    Catch and Release?

    Let's see ... I'll develop an effective hook, hand-craft at least 1400 emails and after all my trouble I'll "store" my precious catch in a public place.
