A new spear phishing attack targeting executives claims victims in English-speaking countries by appealing to their vanity. The “Top 100 Executives'” scam was resurrected by cyber-criminals, who are contacting directors to inform them that their biography was selected for a prestigious magazine.
“Dear Professional, this is your FINAL NOTICE,” the spam reads. “We previously attempted to contact you regarding your recent selection as a candidate for publication in the prestigious Top 100 Executives of 2013 Magazine.”
Scammers butter up executives by telling them “only the most accomplished and distinguished men and women are considered for this honor.” They also reassure them there is no cost for publishing the biography.
To increase the sense of urgency, the fake editor in chief signing the message also gives a registration deadline to wannabe authors. Executives rush into clicking on the link embedded in the message and send their personal details right into scammers’ data base.
Executive scams have been circulating for a couple of years now. The main targets are middle-aged non-technical men and women. Cyber-criminals may go as far as registering fake conference websites to lure managers and employees into registering and paying for imaginary events. Similar to spear phishing, this type of fraud is made out of small and gradual attacks.