The SANS Web Storm Center on Monday issued a warning to CEOs: don’t be fooled by fake federal subpoenas sent by e-mail. The fake e-mails are part of a phishing attack targeting CEOs of some companies. Such targeted attacks are widely known as spear-phishing attacks.

“We’ve gotten a few reports that some CEOs have received what purports to be a federal subpoena via e-mail ordering their testimony in a case. It next asks them to go a link and download the case history and associated data,” said John Bambenek, a defense researcher at the University of Illinois at Urbana-Champaign and Net Storm Center handler, in an online post. “One problem,” he continued, “it’s total bogus.”

go Here for Malware

Bambenek described the attack as a “click-the-link-for-malware” typical spammer stunt. His instant advice: First and foremost, don’t visit on such urls. An interesting component of that scam, he said, is that it properly identifies CEOs and sends e-mail directly.

Federal courts do not “serve” formal processes by e-mail. While there

is an Electronic Case Management System, the initial contact for a subpoena, lawsuit or other process is done the old fashioned way — hand delivery.

“Presumably, whether you did already get served, you would have a lawyer handling the case for you. In that instance, the lawyer, not you, would be getting electronic notices from the court after service has been handled,” Bambenek said.

Targeting a shield CEO

Cyveillance President and CEO Panos Anastassiadis was one of the corporate chiefs targeted. The e-mail instructed Anastassiadis to seem in a U.S. courthouse on May 7, and provided a link to download the subpoena.

The Web page says the case has been closed and no further action is due from the visitor. However, clicking on the link will not only load the page, but plus download a Trojan that would…

Original post by James Allan Brady

signal lcd technological images web 2 earphones USB tvs IBM robots