A cautionary tale...
The strange e-mails arrived in executives' inboxes around the same time that the Australian oil company was negotiating a deal with a Chinese energy company.The e-mails had the same structure and format as those sent around the company and were baited with text that appeared to refer to a supposed continuing discussion between executives. The messages looked authentic from a nontechnical perspective, just part of normal electronic communication within a company.
But the corporate IT administrator felt something wasn't quite right. Upon closer examination, the administrator found the e-mails, while appearing to come from internal company servers, were actually coming from other domains not authorized to send e-mail for the company.
The e-mails contained a malicious link that would redirect the person who opened it to a website of another energy company whose Web pages had been hacked in order to deliver malicious software designed to steal data. Victims would have no indication they'd been attacked.
It became clear that hackers were on a campaign to find out more about the pending deal... (more)