Social Engineering Example – “You So Bad”

A December 2014 Wall Street Journal article entitled “Did Hackers Gain an Edge on Wall Street?” found that a group of cyber-thieves may be attempting to gain an edge on Wall Street by targeting chief financial officers, advisory firms and others involved in mergers, acquisitions and other market-moving events. In search of advantageous financial information, the hackers penetrated over 100 companies that are either publicly traded or advising publicly traded firms. The aim was not to steal anything except ‘insider information.’

The theory goes that the hackers could read the private emails of top financial executives, then invest in certain stocks and end up with a windfall.

So… how did they gain access to some of the smartest companies in America? They used the “You So Bad” technique and also typical fake-document phishing hacks.

The “You So Bad” Technique: In this method, hackers would do social searches of key executives, attorneys and accountants for a firm, then determine who the executives' friends are. Next they would spoof an email from a ‘friend’ of the executive that would say something like, “Charlie, I think this is going bad for you. I saw a posting in this legal forum <link to malware> which said you are about to be indicted. Is this true?” Charlie, seeing an email that appears to come from a friend, would assume the malware link is good, and upon clicking it Charlie has an infected computer.

Fake Document Phishing Hack: FireEye, the security firm, states that a common technique is for the hackers to embed prompts for Microsoft Outlook usernames and passwords inside corporate documents they send to executives. The unsuspecting executive then enters their username and password, thinking the prompt comes from a secure company server. The hackers can then take over the email account and send trick emails to other employees who may be working on a deal.

Hackers Then Set Email Filters For Cover: Hackers understand it is hard to imitate the executive's style in an email, so the hackers use Microsoft Outlook’s filter settings to hide emails sent to victims that contain the words “hacked,” “phish” or “malware,” FireEye said. The filter would block a message from a colleague that says something like, “Charlie, this email doesn’t sound like you, did you get hacked?”
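
A defender can look for this cover-up in exported mailbox rules. The following is an added example, not code from the article or from FireEye: it flags rules that match those warning words and also delete or tuck away the message. The sample records are constructed, the field names assume an export shaped like Exchange's Get-InboxRule output, and the "Mailbox" field and the list of hiding folders are assumptions.

```python
# Added example: flag mailbox rules that hide messages warning the victim.
# Assumption: rules were exported as records shaped like Exchange Get-InboxRule
# output; "Mailbox" is a hypothetical field added by the export step.
KEYWORDS = ("hack", "phish", "malware")  # stems of the words named in the article
WORD_FIELDS = ("SubjectContainsWords", "BodyContainsWords",
               "SubjectOrBodyContainsWords")
# Assumption: folders a user rarely opens, so a moved message is effectively hidden.
HIDING_FOLDERS = {"deleted items", "junk email", "rss feeds", "archive"}

def matched_words(rule):
    """Return the rule's match phrases that contain a warning keyword."""
    hits = set()
    for field in WORD_FIELDS:
        for phrase in rule.get(field) or []:
            if any(k in phrase.lower() for k in KEYWORDS):
                hits.add(phrase.lower())
    return sorted(hits)

def hides_message(rule):
    """True if the rule deletes the message or moves it out of sight."""
    if rule.get("DeleteMessage"):
        return True
    return (rule.get("MoveToFolder") or "").strip().lower() in HIDING_FOLDERS

def audit(rules):
    """Report rules that both match warning words and hide the message.
    Disabled rules are reported too: they can be left over from a compromise."""
    findings = []
    for rule in rules:
        words = matched_words(rule)
        if words and hides_message(rule):
            findings.append({"mailbox": rule.get("Mailbox"), "rule": rule.get("Name"),
                             "words": words, "enabled": rule.get("Enabled", True)})
    return findings

# Constructed sample export, not data from the incident.
SAMPLE_RULES = [
    {"Mailbox": "cfo@example.com", "Name": ".", "Enabled": True,
     "SubjectOrBodyContainsWords": ["hacked", "phish", "malware"], "DeleteMessage": True},
    {"Mailbox": "cfo@example.com", "Name": "Newsletters", "Enabled": True,
     "SubjectContainsWords": ["weekly digest"], "MoveToFolder": "Newsletters"},
    {"Mailbox": "analyst@example.com", "Name": "SOC reports", "Enabled": True,
     "BodyContainsWords": ["Phishing report"], "MoveToFolder": "Security Team"},
    {"Mailbox": "counsel@example.com", "Name": "cleanup", "Enabled": False,
     "BodyContainsWords": ["Hacked"], "MoveToFolder": "RSS Feeds"},
]

if __name__ == "__main__":
    for f in audit(SAMPLE_RULES):
        print(f)
```

The third sample rule matches a keyword but files the message in a visible folder, so it is not reported; requiring both conditions keeps ordinary security-team filing rules out of the findings.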


