ThreatPost article

Leaked Data and Targeted Attacks

Russell W. Gilmore, CISSP, CISM, EnCEIntellectual Property

ThreatPost articleHow can leaked data cause a targeted attack?

Have you ever wondered why you got a suspicious email from a bank where you have an account?

How about the emails about needing to change a password for a service?

Let’s not forget the calls to your cell about your power being cut off or your computer being hacked.

The information about you that would allow someone to target you can be gathered from many places. The issue is only compounded when social media providers like Clubhouse suffer a compromise leaking 3.8 billion phone numbers. These phone numbers were eventually put in a hacker forum for free. Read the original article here.

Take that information and combine it with the over 500 million Facebook profiles leaked earlier this year. (That’s right; I said “combine”.) Associate the information from Facebook and Clubhouse and use this combined information to send very targeted emails to unknowing victims.

So, stay alert. When you get that phone call or email and it just doesn’t seem right, hang up. Delete the email. Do not reply to the email. Do not call any number in the email. Finally, never click on a link in an email.