We already know that most hackers have no shame or decency. They'll take advantage of any event to score your information or money, whether its tax season or a major natural disaster. In the wake of the terrorist attacks in France and other spots around the world, some groups have swung into action with phishing emails.
At the moment, these are mostly spear-phishing attacks targeted at companies in Canada and the Middle East related to energy, defense and finance. However, you can expect them to hit American companies soon, and other scammers will probably use the same trick on regular computer users.
In the spear-phishing emails, the hackers are pretending to be law enforcement from the United Arab Emirates, typically the Dubai Police Force. The emails are targeted to the recipient by name and include a signature of a real Dubai official.
The content of the email itself warns about upcoming terrorist attacks and offers a pamphlet on how to stay safe. There are two attachments to the email. One is a PDF file with actual information and the other is a Trojan that installs a remote access tool.
You might remember remote access tools as what tech support personnel use to take control of your computer to fix it remotely. Hackers use them to steal information, or spy on you through your computer's camera.
As always, the rules for safe email apply here.
- Don't download unsolicited email attachments, especially from unknown sources.
- Don't click on links in suspicious emails.
- Don't trust "official" emails from companies you don't do business with.
- Take a second look at any "official" email before you follow any instructions.
Following these rules can help keep you safe from attacks like this.