2012 January

January 2013

First Phish of the New Year

Well it looks like 2013 is going to be another interesting year in cyber security. We are not even through the first couple of days, and somebody has already thrown out the first phishing line into the water. I’m sure that all of you have at some point received an email that made you scratch your head. If not…just wait, more will follow. Firewalls are programmed to block unwanted incoming packets, and hackers know that if someone from the inside clicks on a link or opens an attachment, then the user will be requesting the packets to be escorted safely through the firewall over exisitng open ports.

Phishing attacks accounted for the highest number of cyber security incidents in 2012, and it looks like 2013 is off to a great start. Check out the little gift that showed up in my inbox this morning…

First Phish of the New Year

If you ever receive an email that asks you to click on a link, or open an attachment, take a step back and read all of the details involved in the email first to make sure that it seems right. For me this one was an easy one to detect because I do not have any IT Services or inboxes hosted in Sweden (the .se domain extension on the email source).  Even if the content of the email seems right and appropriate, I would take an additional precaution and go to the root domain of the source of the email to see if the domain is even a legitimate web site. So for this one, I went to www.svenskakyrkan.se (mostly out of curiousity), and found that the site did not exist.

Okay, so I’m now 2 out of 2, and know for sure that this is a phishing campaign to attract unknowing victims to click on the email.  Lastly, if you are a brave soul, you could spin up a Virtual Machine, and actually click on the link.. start up a debugger, open up a bag of popcorn, and sit back and enjoy the entertainment, as the malware hooks into the operating system of your virtual machine and begins to phone home back to the owner of the site, who now has remote control of your computer. I’m not saying that this is what the link in this phishing campaign does, but many like this one are deisgned to allow a remote attacker to have control of your computer.

So not even 3 days into the New Year, the nets are being cast, he botnet armies are swarming, malware is rampant, and it is appearant to me that 2013 will be another fun ride in the world of cyber security. Brace yourself folks, it’s going to be a fun ride.

Best Wishes for the New Year!

Jonathan

Leave a Reply