Cyveillance Eliminates New ''Spear Phishing'' Attack Against Credit Union Employees; Immediate verification and eradication of threat protects credit unions nationwide.

ARLINGTON, Va. -- Cyveillance, the leading provider of online risk monitoring and management solutions, today announced the verification of a new "spear phishing See phishing. " attack targeted towards financial institutions and credit union executives. The attack was identified by the Credit Union Information Security Professionals Association (CUISPA CUISPA Credit Union Information Security Professional’s Association ) and the site was taken down in under 5 hours utilizing the Cyveillance closed-loop anti-phishing solution.

"Spear phishing" refers to a targeted attack to a specific profile; in this case, a deceptive email was directed to credit union executives. The message, appearing to be a legitimate business request from another financial services The examples and perspective in this article or section may not represent a worldwide view of the subject.
Please [ improve this article] or discuss the issue on the talk page. professional, lures the victim to a website that would automatically and transparently download malicious software to the victim's computer.

"Our association is dedicated to improving information security practices for credit unions through cooperation. This new hacker threat targeted at financial institutions caused great concern and required instant action," said Kelly Dowell, executive director of CUISPA. "With the assistance of Cyveillance we were able to verify this new and deceptive attack and immediately eliminate it to protect the credit union community."

A link in the email brings the recipient to a web site, which then downloads a Trojan virus See Trojan. "Bloodhound bloodhound, breed of large hound whose ancestors were known in the Mediterranean region before the Christian era. It stands about 25 in. (63.5 cm) high at the shoulder and weighs between 80 and 110 lb (36.3–49.9 kg). .Exploit.54." as defined by Symantec. The recipient unknowingly activates a program designed to exploit a flaw in Microsoft Internet Explorer See Internet Explorer. . By exploiting the flaw, the attacker steals the log-on privileges of the user and can then use the machine to perform a denial-of-service attack "DoS" redirects here. For other uses, see DOS (disambiguation).
A denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended users. or execute other malicious code remotely. Usually this occurs without any knowledge on the part of the victim.

"Over this past year, we are seeing more targeted attacks that profile a specific group with tailored scams designed to inflict great harm to the recipients, and we expect that the threats will continue to become more sophisticated and more frequent," said James Brooks James Brooks may refer to:

James Brooks (bishop) (1512–1560)
James Brooks (composer), an English composer
James Brooks (Whig), 19th century American politician from New York
James Brooks (painter) (1906–1992)

, senior product manager for Cyveillance. "Education and awareness are critical components to protecting employees and company assets against the evolving threats on the Internet."

Cyveillance and CUISPA urge the industry to continue to responsibly alert the community of suspicious activity for increased education, awareness and protection.

About CUISPA:

CUISPA is an association of credit union IT professionals dedicated to improving information security practices through cooperation. CUISPA is creating valuable resources for its members and the CU industry to improve the effectiveness, efficiency and affordability of managing IT security and compliance risks.

About Cyveillance:

Cyveillance provides online risk monitoring and management solutions to Global 2000 organizations. The company comprehensively monitors the Internet using patented technology to deliver early warning of risks to information, infrastructure and individuals. Armed with this actionable intelligence Having the necessary information immediately available in order to deal with the situation at hand. With regard to call centers, it refers to agents having customer history and related product data available on screen before the call is taken. and Cyveillance's immediate corrective response capability, chief security officers can proactively protect their company's reputation, revenues and customer trust. Cyveillance counts over half of the Fortune 50 and three quarters of the top Fortune 500 companies in the financial services, pharmaceutical, energy, and technology industries as clients.

COPYRIGHT 2005 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.

Reader Opinion

Article Details
Printer friendly Cite/link Email Feedback
Publication:	Business Wire
Date:	Dec 19, 2005
Words:	479
Previous Article:	Wireless Age Announces Strong November Revenues; Record Revenues Expected In December.
Next Article:	ON Semiconductor Introduces LED Driver that Delivers Both Space Savings and Power Efficiency for Medium Power Portable Applications.
Topics:	Credit unions Identity theft

Related Articles
Hook, line and sinker: life insurers and their policyholders could be the next targets of online phishing scams.(Technology: IT Security)
Counter threat fraudulent identity theft.(FortiGate of Fortinet Inc.)
Partnership helps banking firm combat online scams.(Special Report--Banking & Finance)
ZoneAlarm Internet Security Suite 6.5.(Security)
Cyveillance Partners with NAFCU Services Corporation To Offer Members Anti-Phishing Protection.
Security news and products; Webwasher6.0 proactive anti-malware protection.(SOFTWARE WORLD DIGEST)
IBM Internet Security Systems predicts security trends for 2007.(Security News and Products)
Security news and products; 2006: the year spam raised its game and threats got personal.(SOFTWARE WORLD DIGEST)
Security news and products; IBM internet security systems X-Force research team predicts security trends for 2007.(SOFTWARE WORLD DIGEST)
87 percent of UK claim to have good understanding of spyware.(Security Trends)