Hackers prey on management with fake subpoenas
Suits stiffed
HACKERS ARE NO FRIENDS of the law, but it seems that they have found a way to use legal documents to their advantage: sending out thousands of fake email subpoenas, which are becoming very popular with the phishing crowd.
Internet security boffins reckon that thousands of senior managers at various firms across the US have already fallen prey to the scammers, who send out fake subpoenas, seemingly issued by federal courts, telling their unsuspecting victims to click on a web link to download the relevant court forms and documentation. Once on the hacker websites, the naïve managers download and install the necessary “browser plug in software”, which is nothing more than Trojan backdoor software, giving the cyber perps total access to their prey’s computer.
The attacks, being dubbed “spear phishing”, are considered to be significantly more advanced than regular phishing, because they perfectly target their victims. Not only do they contain accurate information like the company’s name, address and phone number, they also rely heavily on social engineering, using hooks that are sure to reel in their big shot catch using ploys relevant to their business dealings. US courts regularly issue subpoenas by email, so discounting one that lands in your inbox is not always the right policy.
Nor is this the only court based scam used by identity thieves to get their filthy paws on people’s private data. In the past, the US court system has issued several warnings about emails purportedly reprimanding citizens for failing to show up for mandatory jury duty. The emails make it clear that if the necessary personal data isn’t entered into the system, they could face fines or legal action. Terrified, many comply, and enter sensitive and private information onto sites that are nothing more than a front for cyber identity theft.
John Bambenek, a security researcher at the University of Illinois at Urbana-Champaign, told PC World that "For someone who doesn't know what a legal document looks like, it kind of passes the smell test," adding "When they see they've been subpoenaed, people panic and they click on things they shouldn't."
He also noted that most of the emails ended in the domain name “uscourts.com”, which added a certain (false) legitimacy to them, confusing people about their authenticity.
In what has become an increasingly common trend, the web servers sending out the malware are based in China, and the cyber ruffians who later nefariously take control of the victims’ computers are based in Singapore.
In order to help try and alleviate some of the confusion, the Administrative Office of the U.S. Courts has posted guidelines for verifying whether or not a legal-looking email is real, so before you next skip jury duty, you might want to take a look. µ
L’Inq
PC World

Comments
Is anyone listening?
Hello? "Most domains end in uscourts.com". So we've got a vital piece of information. Why isn't every ISP in the land out there adding uscourts.com to a block list? I would agree to my ISP filtering out certain traffic for me as an orderable service level. Our clients would pay their ISP to effectively filter this garbage at their border gateway, but hardly an ISP offers it? For our clients we update block-lists into their firewalls, but I'd love to do it centrally and with one click for all of them.
This stuff shouldn't be this hard. Why are you asleep Cisco?
Online subpoenas
Anyone stupid enough to think that an emailed subpoena is legitimate doesn't deserve to be in a position of responsibility. Even a modicum of intelligent thought plus a call to the local courts will tell you that subpoenas MUST BE DELIVERED IN PERSON. That's why there are servers who MUST place the court document DIRECTLY in the hand of the person named.
C'mon, folks, are there really that many idiots running businesses out there? Have you all fallen prey to the concept of "the computer says so, it must be true?"
WHEN WILL THE INSANITY STOP?
Use your brains for more than head stuffing, people!
Maybe it's a good thing
The fact that email is even conceived of as an acceptable way to send a legal document is beyond stupid. Maybe this is a good thing, since it might force the government to send out registered letters AS IT SHOULD ALWAYS DO, instead of unreliable, falsifiable, and not to mention *INFORMAL* methods such as email.
e-mail vs. real mail
I've had a (real) copyright take-down notice come to me via e-mail, though I think perhaps this is an initial stage before the "actual" legal document gets sent out. Still, it's enough to get some people confused and worried even when they receive a legal-looking e-mail.