Search This Blog

Monday, February 20, 2012

Criminals Exploit Stolen Customer Data

Excerpt from an article in The New York Times
Monday, February 20, 2012

Criminals Exploit Stolen Customer Data From Stratfor 

By SOMINI SENGUPTA

It began as a case of political hacktivism. Late last year, under the banner of the loose collective known as Anonymous, hackers broke into the systems of Stratfor Global Intelligence Service, a company that analyzes geopolitical risks worldwide. They stole the names, e-mail addresses and credit card numbers of thousands of its subscribers and posted them online for all to see.

That information apparently became lucre for criminals with commercial goals. Stratfor customers began receiving e-mails from what, at first glance, looked like Stratfor. An attached PDF file came with what looked like Stratfor letterhead. It warned of the risk of "harmful software" and asked the user to download an antivirus program by clicking on an embedded link. As it turns out, the link downloaded a piece of malicious software. It was detected by Microsoft's Malware Protection Center, which posted about it on its blog this week.

It's a classic example of what is known as social engineering -- tricking unsuspecting Internet users into downloading malware that can in turn be used to extract financial gain. The social engineering messages are often disguised as e-mails from friends and associates.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.