Feeds

If you see 'URGENT tax rebate download' in an inbox, kill it with fire

Top spear-phishing email phrases revealed

Using blade systems to cut costs and sharpen efficiencies

FireEye has put together a list of the most common words and phrases that appear in fake emails designed to infect corporate networks and steal data.

The security firm said that the list spotlights the social engineering techniques that feature as a key component of so-called spear phishing attacks. Hackers tend to use words that create a sense of urgency in a bid to trick unsuspecting recipients into downloading malicious files.

The top word category in email-based attacks relates to express shipping. Words such as "DHL", "UPS", and "delivery" featuring in a quarter of overall attacks. Urgent terms such as “notification” and “alert” are included in about 10 per cent of attacks. Some attacks mix and match terms from these two popular categories such as "UPS-Delivery-Confirmation-Alert_April-2012.zip", one example cited by FireEye.

Email-based attacks increased 56 per cent between Q1 2012 and Q2 2012, according to FireEye. The security firm claims these attacks often get through multiple layers of defence – including anti-virus, firewalls and intrusion prevention systems – to reach corporate desktops.

Cybercrooks and spies are also fond of finance-related words, such as the names of financial institutions and an associated transaction such as "Lloyds TSB - Login Form.html", and tax-related words, such as "Tax_Refund.zip". Travel and billing words including "American Airlines Ticket" and "invoice" are also popular spear phishing email attachment keywords.

FireEye warns that crooks often use phrases from social engineering sites to "personalise" booby-trapped emails and make them look more authentic.

Attackers primarily use zip files in order to hide malicious code, but other file types, including PDFs and executable files, also feature in attacks ultimately aimed at gaining access to corporate networks before stealing intellectual property, customer information, and other valuable data. It's hard to believe that executables, in particular, aren't routinely blocked at corporate email gateways, but FireEye's research suggests otherwise.

The study, Top Words Used in Spear Phishing Attacks to Successfully Compromise Enterprise Networks and Steal Data (PDF), is based on data from the FireEye Malware Protection Cloud, a service shared by thousands of FireEye appliances, as well as input from FireEye's research team. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.