More details are surfacing regarding the latest Syrian Electronic Army attack which led to the hijacking of several high-profile domains, including the ones of The New York Times, Twitter, and The Huffington Post.
Melbourne IT’s CTO has told IDG that the attackers compromised the company’s systems by sending out spear phishing emails to a number of employees. Several accounts have been hijacked as a result of the attack.
This confirms everyone’s suspicions that the Syrian Electronic Army once again relied on spear phishing to achieve their goals.
This technique, albeit simple, turned out to be quite effective. In the recent attack against The Daily Dot, the website’s employees took the bait even after being warned that they might receive malicious emails.