Longlining: the new phishing attack targeting businesses
Posted on 8 Jul 2013 at 10:00
Davey Winder reveals the latest style of phishing attack, "longlining"
Targeted spear-phishing and traditional mail-bombing attacks are merging to create yet another new genre in the email scam game – longlining.
This name isn’t simply another fishing pun, but rather a literal description of how this technique works.
Longline fishing is a commercial practice that employs a single line several miles long, baited with thousands of individual hooks. Longline phishing gets around traditional security systems by a process of "mass customisation", employing a rapid bombardment of thousands of uniquely targeted messages.
Find out moreProtecting your business from phishing attacks
Many security gateway filters will be looking for identical or similar messages from a single source, so they won’t detect a longline attack, the messages of which have widely differing subject lines, content and, most importantly, originating IP addresses.
This multiple-hook analogy applies to the body content of the messages themselves, which will contain multiple variations of the embedded malware target URL, the ultimate destination of which will almost always be a trusted site that’s been compromised in some way (which helps evade reputational filtering on the URL).
Think of longlining as a parallel phishing delivery system and you’re in the right ballpark.
Armed with the capability to send hundreds of thousands of these malicious URL hooks in a matter of hours, plus the ability to bypass many corporate gateway filtering systems, the bad guys increase their chance of exploiting a zero-day vulnerability before the IT department has been able to patch it.
I’ve heard longlining described as "combining the effectiveness of spear-phishing with the speed and scale of a virus attack" – and that scares me, even if it doesn’t scare you.
It would certainly encourage me to make sure my IT security education programme was up to date.
Did you mean "longlining".
That's the term used in this article by Proofpoint.
By simnfs on 9 Jul 2013
Typo in the headline?
By Pantagoon on 9 Jul 2013
Davey is a contributing editor to PC Pro, having covered the internet as a topic since the magazine started in 1994. Since that time he's won numerous awards for his journalism, but remains a small-business consultant specialising in privacy, security and usability issues.
- How to sell more ebooks on Amazon
- 10 ways to make your business more secure
- Top five VoIP mistakes
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office
- Michael Dell: Cloud infrastructure is the roads, bridges and highways of the 21st century
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold
- Apple Watch, iPhone 6 and 6 Plus: Tim Cook's Apple back with a bang?
- BT Home Hub 5: how to get maximum speed
- 20 years of PC Pro: one-star reviews (including "the worst tablet we've ever seen")
- 20 years of PC Pro: our best covers
- Chromebooks get streaming version of Adobe Photoshop
- Toshiba beats retreat from consumer PC market
- Ellison steps down: but who's really running Oracle now?
- Microsoft set to make more job cuts
- Is Peter Pan panto tickets email genuine? Oh no, it isn't
- Intel triples Xeon E5 chip performance, adds DDR4
- Patch Tuesday targets critical IE flaw
- Microsoft refuses to hand over customer emails
- Microsoft yanks Windows 8.1 update after crash reports
- Microsoft backtracks on blocking out-of-date Java