DHS: Natural Disasters Fostering Social Engineering

Thursday, August 25, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

The Department of Homeland Security's National Cybersecurity and Communications Integration Center (NCCIC) is alerting the cyber ecosystem to be aware that malicious users may seek to exploit interest related to physical events such as earthquakes and hurricanes by generating phishing emails with subject lines and attachment titles related to the incidents.

Network administrators and general users should be aware of these attempts and avoid opening messages with attachments and/or subject lines related to physical events.

The NCCIC bulletin is as follows:

PHYSICAL EVENTS (NATURAL AND/OR MAN-MADE) PROVIDE MALICIOUS USERS WITH TOPICS FOR SOCIAL ENGINEERING CAMPAIGNS

Malicious users seeking to exploit interest related to physical events such as earthquakes and hurricanes will likely use subject lines and attachment titles related to the incidents in phishing1 e-mails. Network administrators and general users should be aware of these attempts and avoid opening messages with attachments and/or subject lines related to physical events.

This NCCIC Bulletin is being provided for your situational awareness because of the malicious cyber activity that is commonly associated and that follows highly publicized physical events such as hurricanes and earthquakes. Recent examples of topics that may be used in these e-mails include but are not limited to the 23 August 2011 earthquake in Virginia, and the impending landfall of Hurricane Irene in the southeast US.

Both government agencies and private organizations could possibly become recipients of malicious activity, most commonly in the form of socially engineered spear-phishing emails. These emails may appear to originate from a reputable source, with the email subject closely aligned to the event and usually of interest to the recipient. The email in most cases will contain a malicious attachment with a subject name relevant to the event alluring the recipient to open. The attachment when opened will launch malware into the users system in most cases in the form of a key logger or remote access tools.

The NCCIC will continue to monitor reporting from multiple public and private sources, and generate additional products if new information becomes available.

DHS/US-CERT is collecting phishing email messages and web site locations so that we can help people avoid becoming victims of phishing scams. You can report phishing to US-CERT by sending email to phishing-report@us-cert.gov.

Please direct all questions to the NCCIC Duty Officer (NDO). NCCIC will continue to coordinate with the appropriate component organizations listed below:

NCCIC Duty Officer
NCCIC@HQ.dhs.gov
(703) 235-8831

US-CERT
SOC@US-CERT.gov
(888) 282-0870

NCS/NCC
NCS@HQ.dhs.gov
(703) 235-5080

ICS-CERT
ICS-CERT-SOC@dhs.gov
(877) 776-7585

 

Help Support Infosec Island by Tweeting and Stumbling our Articles - and join our LinkedIn Group HERE - Thanks!

Possibly Related Articles:
13128
General
Federal
Email scams Social Engineering Cyber Security Headlines DHS National Security Alert Hurricane Irene NCCIC
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.