What are some steps you CAN take if you get this type of message?

August 19, 2008 by idhelper

*Copy the internet header and forward to phishing@cbbb.bbb.org, which will reach the Council of Better Business Bureaus, Inc.

*Don't assume that "they already know about it so they don't need to hear from me." Addresses and messages constantly change so each one is important in tracking down the perpetrators and prosecuting them.

*Not only does reporting spear phishing scams stop current scams and protect others, reporting them also helps programmers improve security programs to prevent future spear phishing attacks.

Joe Stewart of SecureWorks, has learned of a Chinese connection in both the IRS scams and the BBB scams. Stewart explains: "Typically when we see malware from China, it has one of two purposes - to either steam documents related to trade secrets of companies and military/government institutions, or to steal accounts from online role-playing games. This new scam doesn't seem to fit into either category, so it may represent the emergence of a new kind of Chinese-based cybercrime. The question is then, just what do Chinese malware authors intend to do with the vast amount of data they've stolen from over a thousand U.S. corporate executives?"

Being a personal or corporate victim of spear phishing is no joke. It can take days hundreds of hours and thousands of dollars to repair the damage caused by these types of scams. Spear phishing identity thieves are using attractive bait so beware of the hook and don't get reeled in. Protect and report are two key factors in improving our future computer security.

Lisa Carey is a contributing author for Identity Theft Secrets: prevention and protection. You can get tips on Identity theft protection, software, and monitoring your credit as well as learn more about the secrets used by identity thieves at the Identity Theft Secrets blog.

Permalink