UK CPNI Releases Spear Phishing Paper | US-CERT(情報元のブックマーク数)

イギリスで、票劇他が攻撃に関するドキュメント

The United Kingdom's Centre for the Protection of National Infrastructure (CPNI) has recently released a paper titled "Spear Phishing - Understanding the Threat;" this document provides guidance on how spear phishing attacks work, whether you are likely to be a target, and the steps organizations can take to manage the risks. CPNI is the UK's government authority for providing physical, personnel and information security advice to critical national infrastructure.

US-CERT encourages users and administrators to review the CPNI document as well as US-CERT ST04-014, "Avoiding Social Engineering and Phishing Attacks.

UK CPNI Releases Spear Phishing Paper | US-CERT

Attachments contained within Spear Phishing emails will appear as a common file type such as .rtf or
.pdf.
The
name
will be
of interest to the target, e.g
.’
pay award.PDF’ When the attachment is opened
embedded malicious software is executed designed to compromise the target’s IT device.

http://www.cpni.gov.uk/documents/publications/2013/2013053-spear-phishing-understanding-the-threat.pdf?epslanguage=en-gb

screenshot