The concept of targeted threats is easily illustrated in the spam and phishing threats.
Phishing is used to determine screen names and then sent fake e-mail messages to the screen names to confirm password information. Once they had access to your accounts, they'd perform "other" actions from the inappropriately accessed accounts, keeping their own identity masked.
Phishing today has evolved to a more targeted technique sometimes referred to as "spear phishing," which is an analogy to the sport of fishing.
The term "phishing" makes reference to fishing in the open water, uncertain as to whether any victims are actually there; spearfishing is more focused on spearing fish in shallow waters. This is exactly how threats in 2007 will become increasingly dangerous. Instead of targeting an entire list of e-mail addresses, hackers will be able to target individuals and try to gain access through focused efforts.
Contextually crafted e-mails that sound convincing will trap individuals to unsuspectingly download malware and infect their computer and networks.
For example, an e-mail will be sent to all e-mail addresses with the same last name in a particular area code and read: "Respected, We’ve decided to do some maintenance work this weekend, and would like all of you to co operate with us. We’ve send the down-time details. Please check and revert if any inconvenience “Once the individual clicks on the attachment they are infected by targeted malware.
These targeted mails cause users to click on a link that ends up downloading a bot, keystroke logger or screen scraper. So this type of attack will become much more common in 2007.
Hackers can make an attempt on you too. So be cautious not to enter your user name and password into any anonymous web pages and don’t click on any links of anonymous mails and webs too.
"Click on the image for a Clear View"
"Click on the image for a Clear View"
