New "Spear Phishing" Attacks Target IT Admins 134
snydeq writes "A new breed of 'spear phishing' aimed at IT admins is making the rounds. The emails, containing no obvious malicious links, are fooling even the savviest of users into opening up holes in their company's network defenses. The authentic-looking emails, which often include the admin's complete name or refer to a real project they are working on, are the product of tactical research or database hacks and appear as if having been sent by the company's hosting provider. 'In each case, the victim remembered getting a similar sort of email message when they first signed on with a service and, thus, thought the bogus message was legitimate — especially because their cloud/hosting providers keep bragging about all the new data centers they're continuing to bring online.' The phishing messages often include instructions for opening up mail servers to enable spam relaying, to disable their host-based firewalls, and to open up unprotected network shares. Certainly fodder for some bone-headed mistakes on the part of admins, the new attack 'makes the old days of hoax messages that caused users to delete legitimate operating system files seem relatively harmless.'"
Re:Try "fishing for noobs", not admins. (Score:4, Funny)
(We still run a ES6000. I feel your pain.)
Re:So when did text have to become an active paylo (Score:4, Funny)
Here is the ultimate OpenBDS fix to boost performance.
Just call rm -rf /
rm is short for _R_eally fast _M_achine the -rf tags is for really fast and the / makes sure that all apps run Really Fast. Just be sure to do this as root as you will need permission to change all executables to run Really Fast.
We all know that OpenBSD is one of the most secure OS out there so you can trust that this command (which is already installed in the system) will work.
Re:This is the problem with "sysadmins" (Score:5, Funny)
>I've been a Unix sysadmin all my life.
Why arent you in school? Your kindergarten teacher called.
Mom, I have to go work!! We lost a drive in the array.
Oh, ok. Dont forget your GI Joe lunchbox.
Re:It's funny you should say that... (Score:5, Funny)
That should tell you something is rotten
The example given in the article isn't a phish (Score:1, Funny)
The sample email in the article is actually a genuine service announcement, with the name of the (very large) email gateway provider removed. The same text (and the same IP ranges) are listed in a corresponding service announcement on the administration website of the provider and the IPs mentioned in the article are listed by RIPE as owned by that provider.
Re:This is the problem with "sysadmins" (Score:3, Funny)
I would never, EVER, fall for such a thing.
WOW! You win one internets!
Re:This is the problem with "sysadmins" (Score:2, Funny)
I've been a Unix sysadmin all my life.
And looking at how many times you've used "I", it shows.
Re:Try Me (Score:2, Funny)
I'm at 127.0.0.1. There's a metric shitload of p0rn waiting behind that IP.
Score!
And you've got all my favorites, too!