Gmail attack shows growing cybercrime sophistication

Discussion in 'other security issues & news' started by Triple Helix, Jun 2, 2011.

Thread Status:
Not open for further replies.
  1. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,014
    Location:
    Ontario, Canada
    Gmail attack shows growing cybercrime sophistication!

    http://edition.cnn.com/2011/BUSINESS/06/02/google.gmail.phishing/index.html

    TH
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,798
    Location:
    Texas
    http://krebsonsecurity.com/2011/06/spotting-web-based-email-attacks
     
  3. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    I thought Gmail itself was attacked, not just consumers. The latter I can prevent, but the former I can't do anything.
     
  4. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,979
    Location:
    U.S.A.
     
  5. bonedriven

    bonedriven Registered Member

    Joined:
    Jan 14, 2007
    Posts:
    565
    Here's a demo of the phishing attack, in Chinese though.
     
  6. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Targeted attacks have been around for at least five years, just as sophisticated, IMO.

    Targeted attack: experience from the trenches
    Published: 2006-05-21,
    http://isc.sans.edu/diary.html?storyid=1345
    And, more recently:

    Targeted e-mail attacks asking to verify wire transfer details
    Published: 2009-06-04
    http://isc.sans.org/diary.html?storyid=6511
    Targeted attacks have increased, of course, and use different scenarios, but just because now it's Google/Gmail (and other web mails) seems to be a catalyst for widespread coverage!

    In today's attacks where the victims willingly give out their passwords, the real (almost unsurmountable) problem in organizations is making people aware of the tricks, and informing them of the circumstances when they would be required to reveal their password.

    From the article:

    This type of targeting can happen in many scenarios, not just with webmail.

    regards,

    -rich
     
    Last edited: Jun 5, 2011
Loading...
Thread Status:
Not open for further replies.