UNITED STATES LAW ENFORCEMENT has warned that bad actors are increasingly going after personal data.
If there was anything funny about PRISM, the US National Security Agency (NSA) communications dragnet, this would be the time to link it to a warning from the US Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (ICCC).
The ICCC said that spearphishing attacks are on the rise. "The FBI has seen an increase in criminals who use spear-phishing attacks to target multiple industry sectors," it reported.
"These attacks allow criminals to access private computer networks. They exploit that access to create fake identities, steal intellectual property, and compromise financial credentials to steal money from victims' accounts."
We might have assumed that spearphishing was old hat by now. We would have thought that criminals would have an eye on the PRISM system, since that apparently is a huge contacts database. Perhaps that will come.
For now they are limiting themselves to spearphishing attacks, though, which are reasonably sophisticated email trust assaults.
"Recent attacks have convinced victims that software or credentials they use to access specific websites needs to be updated. The e-mail contains a link for completing the update," said the ICCC.
"If victims click the link, they are taken to a fraudulent website through which malicious software (malware) harvests details such as the victim's usernames and passwords, bank account details, credit card numbers, and other personal information. The criminals can also gain access to private networks and cause disruptions, or steal intellectual property and trade secrets." µ