Attack Samples Show Targeted Sophistication

If you'd like to know what a targeted e-mail attack looks like, take a look at samples posted today by antivirus maker F-Secure.

The screen shots, pulled from malware analysis blog contagio, clearly show a greater attention to detail and grammar than the usual clumsy attack e-mails that stand out like a sore thumb. The first two samples in F-Secure's post lack any clear clues, while the third has some capitalization errors but no laughable grammatical mistakes.

These types of polished attacks are typically sent to high-value targets, and are comparatively uncommon. For instance, last January Google said it was hit by targeted attacks.

But while the contagio samples don't immediately stand out, they do share a common thread: All have a .pdf attachment. F-Secure warned last year that .pdfs have become the attack of choice for targeted attacks, and these samples support that warning.

A .pdf attack document almost certainly goes after a flaw in an Adobe program. Keeping up with Adobe patches will help blunt an assault, but if a targeted threat is paired with a zero-day attack against an Adobe flaw, you can still get infected even if your software is up-to-date. Your best defense against a .pdf-based exploit is to open it with an alternate program, such as Foxit Reader or even Google Docs.
