Cyberattackers are doing their homework when targeting corporate executives, according to a recent report from MessageLabs.
The messaging security vendor reported that it intercepted more than 500 phishing attacks in June using the correct name and title of corporate executives in the subject.
The scams included a Microsoft Word document that contained executable code, according to the report.
Thirty percent of the attacks targeted chief finance officers and 11 percent sought chief executives, according to the report.
Mark Sunner, MessageLabs chief security analyst, told SCMagazine.com today that his company has seen a "truly unprecedented" rise in phishing attacks targeting C-level executives, suggesting on online kit used to create email lures.
"The profile is like nothing we’ve ever seen before. It smacks of someone new on the scene," he said. "The fact that you can go and buy this attack right now means that, by casting a wide enough net, you may get back some very interesting corporate secrets."
While the attacks were spread equally across industry verticals, but an inordinate percentage targeted chief investment officers. Attacks targeting executives’ assistants suggest that cybercriminals gleaned some information from social networking websites, said Sunner.
"It begs the question of where they’re getting their information from, and that is social networking," he said. "These sites are brilliant for their good purposes, but they’re a gold mine for the bad guys."
June research from MessageLabs found that phishing attacks increased by 0.81 percent as a proportion of all email-borne threats.
The report is in line with recent warnings on targeted scam emails.
The U.S. Justice Department, the Internal Revenue Service and the Better Business Bureau have all warned of phishing scams targeting consumers.
Get more IT security news. Click here for SC Magazine Blogs.