Phishing is Whaling with Executives

Written by Carl E. Reid on September 4, 2008

John Markoff’s article in the New York Times “Larger Prey Are Targets of Phishing” emphasizes that people must always be vigilant in not opening emails from unknown entities. It’s important for email administrators to continue educating their email community. Quite a few email administrators were definitely in the hot seat with this high profile phishing attack.

Over 2,000 executives received phony, but very official looking, subpoenas to appear in court. From the email they were fooled into thinking they could download a copy of the subpoena. Instead, different variants of key logger programs were installed on each computer. Key logger programs intercept personal or sensitive corporate information typed on the computer keyboard.

John goes on to explain “The tactic of aiming at the rich and powerful with an online scam is referred to by computer security experts as whaling. The term is a play on phishing, an approach that usually involves tricking e-mail users — in this case the big fish — into divulging personal information like credit card numbers. Phishing attacks that are directed at a particular person, rather than blasted out to millions, are also known as spear phishing.”

Recipients of the e-mail messages were directed to a spoofed web site. It had a realistic copy of the graphics from the real federal court site. Email readers were asked to download and install what was supposed to be a document reader program from Adobe, which allows viewing of electronic documents.

Several security consultants indicated the real danger of the attack lay in a second level of deception, after the hidden software provided the attackers with digital credentials like passwords and electronic certificates.

“There are very subtle nuances to their attacks that are well known in the financial industry but are not well publicized,” said Matt Richard, director of the Rapid Response Team at iDefense.

Apparently criminals are focusing on a particular area of the financial industry. Law enforcement officials were investigating the fraudulent documents.

Although the software package used to deliver this stealth program is well known by security professionals, it was hidden on the computer in such a manner that it could not be detected.

The FBI would not comment on this particular phishing attack.
