Yesterday, a White House spokesman confirmed that a computer network used by the White House Military Office that deals with military support for various White House functions was hacked into last month purportedly by Chinese hackers through the common scammers technique called “spearphishing.” You can read in more detail about spearphishing in my “scam of the day” of September 11, 2012, which can be accessed in the scamicide archives. Phishing occurs when you receive an email message or other communication that takes you to a phony website or link that automatically will download malware, such as a keystroke logging program called Trojan Horse that will steal all of the information from your computer and can help make you a victim of identity theft. Spearphishing is a particularly insidious variation of phishing. It occurs when you get an email message or other communication that appears to be from someone you know that contains a link or an attachment that when you download it automatically downloads the malware I previously described. People often let their guard down when they receive an email or other communication from someone that they know even though it is easy to hack into someone’s email and steal their identity to send out these kinds of specially targeted spearphishing emails. Too often they trust that the email is genuine and either click on the link or download the attachment without being sure that it is legitimate. Often this can bring terrible results.
Remember my motto: Trust me, you can’t trust anyone. Never download attachments or click on links unless you are absolutely are sure that the email or other message is absolutely legitimate. When in doubt (and you should always have some doubt) you should confirm with the person that you think sent you the email that it is legitimate. It may seem a bit paranoid, but remember, even paranoids have enemies. If the White House can fall for this scam, so can you, so be extra careful.