Monday, February 20, 2012
Criminals Exploit Stolen Customer Data From Stratfor
By SOMINI SENGUPTA
It began as a case of political hacktivism. Late last year, under the banner of the loose collective known as Anonymous, hackers broke into the systems of Stratfor Global Intelligence Service, a company that analyzes geopolitical risks worldwide. They stole the names, e-mail addresses and credit card numbers of thousands of its subscribers and posted them online for all to see.
That information apparently became lucre for criminals with commercial goals. Stratfor customers began receiving e-mails from what, at first glance, looked like Stratfor. An attached PDF file came with what looked like Stratfor letterhead. It warned of the risk of "harmful software" and asked the user to download an antivirus program by clicking on an embedded link. As it turns out, the link downloaded a piece of malicious software. It was detected by Microsoft's Malware Protection Center, which posted about it on its blog this week.
It's a classic example of what is known as social engineering -- tricking unsuspecting Internet users into downloading malware that can in turn be used to extract financial gain. The social engineering messages are often disguised as e-mails from friends and associates.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.