US federal court officials are warning that hackers are emailing fake subpoenas that contain malware to corporate executives in an effort to steal private corporate data.
Thousands of top US executives have received the fraudulent emails that contain web links which, when clicked on, install malware on the user’s PC, letting hackers take control of the computer to steal passwords or other private information.
Web security professionals refer to these types of attacks as “whaling” because they use social-engineering gimmicks involved in “phishing” but target “big phish” rather than going after the masses of Internet users.
Websense Security Labs manager Stephan Chenette said the success rate has been extremely high and that it is “most likely due to the nature of the content and the real data; the emails had their exact names and legal language in there that made it seem like a serious subpoena.”
The fake subpoenas are written using the official seal of the US federal court in San Diego, California, and are addressed to executives using their names, addresses and other personal information.
Clicking on the included link to view the “subpoena” brings up a realistic-looking legal document and secretly installs malicious software on the reader’s computer. The software can read keystrokes and send the information to a computer over the internet, enabling hackers to steal passwords as well as other sensitive financial information.
Subpoenas in the US are usually served in person to assure judges that court orders have been personally received by the people named.
Federal investigators believe the hackers are unfamiliar with the US court system, since the website that executives are directed to uses a “uscourts.com” domain while actual court website addresses typically end with “.gov.”
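The domain mismatch described above can be checked automatically at a mail gateway. The following is an added example, not code from the article or from any party it names: it extracts links from an HTML email and flags any whose host carries a court brand string but does not end in .gov. The brand list, function names and sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: brand strings that genuine US court hosts carry under .gov.
COURT_BRANDS = ("uscourts",)

# Constructed sample message; only the uscourts.com domain comes from the article.
SAMPLE = """\
From: clerk@example.invalid
To: exec@example.com
Subject: Subpoena in a civil case (constructed sample)
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p><a href="http://www.uscourts.com/subpoena-sample">View subpoena</a></p>
<p><a href="http://uscourts.gov.example.net/doc">Mirror copy</a></p>
<p><a href="https://www.uscourts.gov/">Court information</a></p>
"""

class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.links.append(href)

def is_court_lookalike(url):
    """True when the host names a court brand but is not under .gov."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    labels = host.split(".")
    branded = any(b in label for b in COURT_BRANDS for label in labels)
    return branded and labels[-1] != "gov"

def suspicious_court_links(raw_message):
    """Return links in the HTML body that imitate a court domain."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    if body is None:
        return []
    collector = LinkCollector()
    collector.feed(body.get_content())
    return [u for u in collector.links if is_court_lookalike(u)]

if __name__ == "__main__":
    for link in suspicious_court_links(SAMPLE):
        print("flag:", link)
```

The check compares the last host label rather than searching for ".gov" anywhere in the URL, so a host such as uscourts.gov.example.net is still flagged.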
Police believe that certain aspects of the writing in the emails appear to be British.
Some of the targets have been executives at Citibank, America Online and eBay.