News

Readiness team warns of spoofed US-CERT email addresses in phishing campaign

SearchSecurity.com Staff

The U.S. Computer Emergency Readiness Team has issued a warning about a new phishing campaign that uses spoofed US-CERT email addresses.

Reports about the phishing campaign were received by US-CERT on Tuesday. A variety of organizations have been targeted in the attack, including private sector businesses, government contractors and federal agencies.

The message contains a zipped attachment with a phony report.  The attachment is an executable file with the name “US-CERT Operation CENTER Reports,” according to the

    Requires Free Membership to View

US-CERT phishing campaign advisory. There is no information about the malware contained in the attachment.

The primary email address being spoofed is SOC@US-CERT.GOV, but other invalid email addresses are being used. US-CERT said it would provide additional details as they become available.

The common advice from experts is to train end users to avoid opening attachments in email messages from unknown sources, but the cybercriminals behind the phishing campaigns are becoming more successful. Spear phishing is the common cause of many high-profile data breaches, including the RSA SecurID breach. Security awareness training is a good step to reduce the risk to enterprises, according to David Sherry, chief information security officer of Brown University. In order to be successful, training must be sustained and should include everyone at the company, including executive management. 

Technology is available to defend against phishing. Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) authentication technology can be effective, but the authentication technologies must be more widely adopted to be truly effective, according to application security expert Michael Cobb.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: