Spear phishing campaign targeted energy sector

Share this article:

A spear phishing campaign targeting 11 energy sector companies occurred last October, according to the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).

After an electric utility company posted to its website the names, company email addresses, and work titles of industry employees that attended a recent committee meeting, attackers were able to utilize the information to craft their messages, ICS-CERT said in its latest newsletter (PDF).

The malicious emails asked recipients to click on an attached link that would direct them to access the sender's new email address. Instead, the link led users to a website that served malware. Another email carrying a malicious attachment is believed to be associated to the campaign, according to the newsletter.

The campaign was unsuccessful, leading to no “known infections or intrusions,” the report said.

Share this article:

Sign up to our newsletters

More in News

In Cisco probe, misuse or compromise spotted on all firms' networks

In Cisco probe, misuse or compromise spotted on ...

Cisco analyzed the business networks of 30 multinational companies last year, and revealed the findings in its 2014 Annual Security Report.

Fareit trojan observed spreading Necurs, Zbot and CryptoLocker

The Necurs and Zbot trojans, as well as CryptoLocker ransomware, has been observed by researchers as being spread through another trojan, known as Fareit.

Post Heartbleed, tech giants join initiative to bolster open source

Post Heartbleed, tech giants join initiative to bolster ...

The newly formed Core Infrastructure Initiative, created to boost under-funded open source projects, will tackle OpenSSL first.