spear-phishing

The recent data breach reported by e-mail marketing service provider Epsilon that exposed names and e-mail addresses for customers at dozens of companies comes four months after an Epsilon technology partner warned about targeted phishing attacks on e-mail service providers and on its own network.

Return Path said in late November that thousands of e-mail addresses had been stolen from its system after one of its employees clicked on a link in a phishing e-mail message. Epsilon uses Return Path's e-mail monitoring technology in the e-mail marketing services it provides to other companies.

"The employee's system was … Read more

For this week's Security Watch column and Security Bites podcast, I spoke with Tod Beardsley, lead counter fraud engineer for TippingPoint, a provider of network-based intrusion prevention systems. The column and podcast talk about how social networking can be used for targeted attacks. Toward the end of the interview, I asked Beardsley what was the most interesting case he's worked on in the last six months.

"In the last six months, there was a case involving the Better Business Bureau. This is public. The story there is that the Better Business Bureau keeps these databases of all … Read more