Tuesday, March 1, 2011

Canadian Government Subjected to a Spear Phishing Attack

In late February, the Canadian Treasury Board and Department of Finance were the subject of a spear phishing attack. Spear phishing is a new technique in which the phishing message appears to come from a trusted person of authority within the organization - in this case within the department. The messages can therefore carry the authority of that person and if they are carefully crafted, their request can seem reasonable and well grounded.

Fortunately, in this case, the security apparatus in place enabled the intrusions to be detected and a lock-down was initiated to protect the data.

The incident points, however to the ever evolving sophistication of fraudulent activity and the need for intense vigilance to combat such activity. For an account of the attacks, check out this article.

No comments: