Fake Pink Slips and Spear Phishing

Posted on Friday, November 3, 2006 by Frank Roche

Spear FishingHere’s a new one: What happens when your employees get a fake pink slip that looks like the real thing? It’s happening right now, with an e-mail scam called “spear phishing”:

A phishing scam caught a number of employees at the Dekalb Medical Center in Decatur, GA. They were sent what appeared to be notices from their employer, telling them they were fired, with a link to a “career counselling site.” Loading the site installed a keylogger on your computer. (via BoingBoing)

When employees of Dekalb Medical Center got fake termination notices, they were aggravated enough to click on a “career counseling” link in the e-mail Wham! Bam! Scam! They were “spear phished” into a key logger virus.

Time for an HR/IT confab. And a note to your employees today. Tell them that you don’t send out pink slips by e-mail. (You don’t, do you?) And tell them that they should NEVER click on links that they don’t recognize.

Photo credit: DMSCVAN

Support this post around the web. We would really appreciate it.

digg
delicious
twitter
stumbleupon
email

User Comments

  1. Charlie

    Nov 4th, 2006

    ..and give them the tools to repel infection.

  2. Frank

    Nov 4th, 2006

    Charlie, right, my sense was that stuff like that shouldn’t get through. What I read, though, was that the phishers are getting smarter…spear phishing is low volume so the spam algorithms don’t seem to catch them as easily.

Leave a Reply

Looking for a place to add a personal image? Visit www.gravatar.com to get your own gravatar, a globally-recognized avatar. After you're all setup, your personal image will be attached every time you comment.