Spear Phishing

ANCHOR LEAD:
IT'S NO SECRET THAT ONLINE SOCIAL NETWORKING SITES SKYROCKETING IN POPULARITY.
BUT NOW, EXPERTS SAY THEY HAVE BECOME A MAJOR TARGET FOR PHISHERS WHO ARE USING THESE SITES TO LURE USERS INTO THEIR SCAMS. BUT, IT'S NOT TRADITIONAL PHISHING... IT'S CALLED SPEAR PHISHING AND FRAUDSTERS HAVE A WHOLE SLEW OF NEW TRICKS TO TRICK CONSUMERS INTO HANDING OVER THEIR PERSONAL INFORMATION. HERE'S ____ WITH A HEADS UP..

TRACK ONE Length: 07
SEVENTEEN YEAR OLD DAN LEVEILLE (LIV-EE-AY) USES MYSPACE NOT ONLY TO CONNECT WITH FRIENDS BUT TO PROMOTE HIS PHOTOGRAPHY AND WEB DESIGN BUSINESS.

SOT
KEY @: 10 (SHORT)Dan Leveille, Uses Social Networking Sites
"I'm on there pretty much every day; I can spend like hours on there."

TRACK TWO Length: 06
SO WHEN A MUSIC GROUP CONTACTED HIM, DAN CLICKED ON THE PROFILE... BUT A LOGIN PAGE POPPED UP INSTEAD.

SOT
NO KEY
"I thought it was myspace, it looked exactly like it, but on the address bar, it didn't say myspace.com."

TRACK THREE Length: 09
THE NATIONAL CYBER SECURITY ALLIANCE'S RON TEIXEIRA (TEX-AIR-A) SAYS DAN WAS ALMOST HOOKED BY A SPEAR PHISHING SCAM... THE NEWEST FORM OF PHISHING... SOCIAL NETWORKING SITES ARE MAJOR TARGETS.

SOT
KEY @: 35 Ron Teixeira, National Cyber Security Alliance
"Spear phishing is when they hone their tactics and they use personal information that you have posted on these social networking sites to try to steal different financial information from users."

TRACK FOUR Length: 11
FOR INSTANCE IF YOUR PROFILE SAYS YOU LIKE A CERTAIN BAND, SPEAR PHISHERS MIGHT SEND YOU LINKS THAT YOU THINK ARE LEGIT FOR THAT BAND VIA INSTANT MESSSAGES, BULLETINS, AND INBOX MESSAGES. BUT WHEN YOU CLICK THE LINK...

SOT
KEY @: 57 Ron Teixeira, National Cyber Security Alliance
"It will load malicious code onto your program and use vulnerabilities that exist on your computer to again install these different programs that collect all your financial information."

TRACK FIVE Length: 12
OTHER LINKS LEAD TO FAKE LOGIN PAGES USED TO COLLECT USERNAMES AND PASSWORDS SO SCAMMERS CAN USE YOUR PROFILE AND ATTACK YOUR FRIENDS. TEIXERIRA SAYS BEWARE OF MESSAGES ASKING FOR PERSONAL INFORMATION.

SOT
NO KEY
"Legitimate companies do not ask for personal information via email."

TRACK SIX Length: 09
YOU CAN PROTECT YOURSELF... TEIXEIRA SAYS NEVER EMAIL ANY ACCOUNT INFORMATION. IF YOU'RE ASKED TO LOGIN A SECOND TIME, MAKE SURE THE U-R-L IS CORRECT, AND KNOW WHO YOU'RE DEALING WITH...

SOT
KEY @: 1:34 Ron Teixeira, National Cyber Security Alliance
"We always suggest that you never download an attachment or click on a link from someone you don't know."

TRACK SEVEN Length: 05
DAN SAYS SINCE HIS CLOSE ENCOUNTER WITH A SPEAR PHISHER, HE'S MORE CAREFUL ABOUT WHAT'S ON HIS PROFILE.

SOT
NO KEY
"I don't put my first or last name and I don't even give it to people I know because they could not be who I think they are."

ANCHOR TAG:
TEIXIERA ALSO SAYS MAKE SURE YOUR BROWSER, OPERATING SYSTEM, VIRUS, SPYWARE, AND FIREWALL PROGRAMS ARE UP TO DATE.

SOURCE INFORMATION

FOR CLIENT-STATION USE ONLY
The information provided below is for client-station use only. It is provided to help you obtain answers to any additional questions you may have and to help you localize a story. This private contact information, including phone numbers, addresses and email addresses, cannot be given to viewers nor posted on your Website. It is for internal station use only. Any exceptions to this will be clearly noted. Thank you.

Ron Teixeira
National Cyber Security Alliance
1150 18th Street, NW
Suite 1010
Washington, DC 20036
PR Contact:
Julie Han
415-975-3327
julie.han@porternovelli.com

Ron Teixeira is the Executive Director of the National Cyber Security Alliance. The NCSA provides resources to consumers and small businesses about how to stay safe online. Teixeira says that spear phishing attacks are becoming more and more common, and social networking sites are an easy target because user divulge so much personal information on their profiles.