By now, most e-mail users are wise to the scam of 'phishing' -- sending a spoofed e-mail message that appears to be from a legitimate business, such as a bank, which directs the recipient to a fake web site seeking "verification" of personal information such as passwords or credit card numbers. A new twist on 'phishing' known as 'spear-phishing' is being directed at Chief Executive Officers in order to gain access to the victims' computers.

Spear-phishing messages are more targeted to the victim and may contain specific, accurate information, including the CEO's name and the company's name. In a recent example of spear-phishing launched from a web server in China, CEOs received an email message purporting to be from a federal court stating that a subpoena was being directed to the CEO with a link to a web address ending in "uscourts.com". More than 1,800 CEOs clicked on the link. Once the victims arrive at the bogus site, they are asked to view court documents by downloading a browser plug-in, which is actually malware used to gain access to the victim's computer.

A word to the wise CEO -- proceed with caution before clicking on a link, even if the message appears to be from a reliable source. Better to seek confirmation from your information systems resources than fall victim to a spear-phishing scam.

Click this link for an article with more information.

For more information about legislation or litigation involving technology, intellectual property protection of information technology assets or any other Information Technology law issue, contact your Miller Canfield attorney or Kathy Ossian, Leader of our Information Technology Team, or call her direct at 313.496.7644.