Executives Being Targeted for Scams

A story in the Wall Street Journal last week describes a highly sophisticated scam making the rounds of corporate executive offices.

Using information apparently found on Linked-in, Facebook or other websites where detailed personal information can be found, scammers are sending highly personalized and convincing phishing emails to senior company executives, saying for instance, that there has been a Better Business Bureau or Equal Employment Opportunity Commission complaint (along with a case number) filed against their company, and asking the executive to respond to it. Once they do by clicking on the convenient link provided, the executive's computer is immediately compromised with software that logs all activity and send the information to the scammer. More than one executive has been torched.

I guess that we are still a ways away from 2006, you know, the year that Bill Gates said,"Spam will be solved.â'' I wonder if someone has tried to spoof him recently.

Anyway, Part 2 of the San Jose Mercury News series on hacking is now available. The article starts off with the stats that 50% of the IRS employees who received phone calls in an audit test earlier this year, purportedly from the computer help desk, requesting their user names and suggesting they adopt a new password, provided the requested information. This was up from the 35% who did so in a similar test in 2004, and down from the 71% who did so in 2001.


Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Robert Charette
Spotsylvania, Va.
Willie D. Jones
New York City