A new spear phishing attack targeting executives claims victims in English-speaking countries by appealing to their vanity. The “Top 100 Executives'” scam was resurrected by cyber-criminals, who are contacting directors to inform them that their biography was selected for a prestigious magazine.
All the ingredients of a well-crafted phishing attack are present: appeal to vanity and a sense of urgency, which forces managers to click fast on the fraudulent message.
“Dear Professional, this is your FINAL NOTICE,” the spam reads. “We previously attempted to contact you regarding your recent selection as a candidate for publication in the prestigious Top 100 Executives of 2013 Magazine.”
Scammers butter up executives by telling them “only the most accomplished and distinguished men and women are considered for this honor.” They also reassure them there is no cost for publishing the biography.
To increase the sense of urgency, the fake editor in chief signing the message also gives a registration deadline to wannabe authors. Executives rush into clicking on the link embedded in the message and send their personal details right into scammers’ data base.
Executive scams have been circulating for a couple of years now. The main targets are middle-aged non-technical men and women. Cyber-criminals may go as far as registering fake conference websites to lure managers and employees into registering and paying for imaginary events. Similar to spear phishing, this type of fraud is made out of small and gradual attacks.
Thank you for an excellent article. I think this is a major problem compounded by the fact that many corporate leaders somehow think they are immune to security measures the rest of their organization follows. Keep focused on this!
Incidentally we also have a blog at www.ziklagsystems.wordpress.com and I would love to be able to put your article there if you and your organization permit this.
Sincerely
Steve Bryen
Hello Stephen, thank you for reading our blog. I sent you an e-mail. Cheers, Bianca :)
[…] By: Bianca Stanescu | comment : 2 | June 05, 2013 |  Posted in: Alerts, E-Threats […]
[…] “Top 100 Executives” scam, as revealed on the anti-virus firm Bitdefender’s HotforSecurity blog, lures professionals into parting with personal information, such as phone numbers, email addresses […]
[…] “Top 100 Executives” scam, as revealed on the anti-virus firm Bitdefender’s HotforSecurity blog, lures professionals into parting with personal information, such as phone numbers, email addresses […]