The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to Verizon, Kemuri Water Company and whaling for tax forms.
Last week, Verizon discovered a vulnerability in their online portal that allowed hackers to extract the contact information of over 1.5 million enterprise customers. These customers use Verizon Enterprise Solutions to run the day-to-day operations at their respective companies. The contact information was very likely related to the technical managers or employees at these companies, who are easy targets for phishing or spear phishing attacks. The security vulnerability that was used to obtain this information has been fixed, but the customer database is currently being sold online for a large sum of money. Click the link below to read more.
https://krebsonsecurity.com/2016/03/crooks-steal-sell-verizon-enterprise-customer-data/
Earlier this week, hackers were able to gain access to the control systems at a water treatment plant. The name of the company was not given in the security report, but it was given the pseudonym, Kemuri Water Company (KWC). The report stated that hackers used SQL injection and phishing techniques to gain access to the operational control system using stolen credentials. Once they accessed the system, they were able to make changes to the chemical mixtures used in the water treatement process. As a result, the hackers were able to handicap KWC's operations. However, these changes were detected by the control systems and KWC was able to reverse the effects. Click the link below to read more.
http://www.theregister.co.uk/2016/03/24/water_utility_hacked/
Sprouts Farmers Markets was hit by a phishing attack aimed at obtaining employee contact and tax information. Using a spear phishing e-mail, the scammers were able to trick the payroll department into sending them the W-2 tax forms of their employees. The information included on these forms contained names, addresses, salaries and Social Security Numbers. This new type of spear phishing attack has now been dubbed "whaling" because the e-mails used in the attack appear to come from a senior member in the company or the CEO, but are actually the scammers pretending to be the same. Click the link below to read more.
http://www.infosecurity-magazine.com/news/w2-whaling-epidemic-hits-sprouts/
APHC