Hacking then phishing – kicking a person when they’re down!

Today we’re going to highlight two issues for the price of one. Not bad for a Monday!

Firstly we have the recent admission by British Airways that criminals had hacked their website and that the personal details (including bank card numbers) of about 380,000 customers had been compromised. To add insult to injury, it took them 15 days to realise what had happened and then warn customers so they could take action, by which time a huge number of fraudulent transactions could have been carried out by the criminals and by whoever they sold the card data on to. If only they had an effective Security Operations Centre, as any multinational really should!

Secondly, the fact that BA contacted their customers by email – and the possibility of this being exploited by other criminal groups – was debated by my fellow security professionals last week, so I thought I’d check my spam folder in my personal email account. Imagine my surprise when I spotted the attached message! It took a few moments but we found a few indicators of a phishing email (“return to” address was very suspicious, suspicious hyperlinks not going to BA website, minor grammatical errors in text, the promise of two free plane tickets being unrealistic for half a million customers, etc.).

Would you have spotted it?
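Two of the indicators listed above (the suspicious return address and the links that do not go to the BA website) can be checked mechanically before anyone has to spot them by eye. The script below is an added example written for this post, not code from the original article, and the two raw messages it parses are constructed stand-ins, not the actual message from my spam folder. It uses only the Python standard library: it parses the message, compares the domains of the From, Return-Path and Reply-To headers against each other and against the brand's real domain (assumed here to be britishairways.com), and then pulls every hyperlink out of the body and flags any whose host is not under that domain. The domain check is a plain suffix match, which catches ba-rewards-claim.example and britishairways.com.evil.example but is not a substitute for a proper public-suffix list.

```python
"""Cheap phishing-indicator checks on a raw email (added example, not from the post)."""
import email
import re
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the brand's real sending/web domain.
LEGIT_DOMAIN = "britishairways.com"

# Constructed phishing-style message. The Return-Path is normally stamped by the
# receiving mail server; here it is embedded so the sample parses offline.
PHISH_MESSAGE = b"""Return-Path: <bounce@ba-rewards-claim.example>
Reply-To: claims@ba-rewards-claim.example
From: "British Airways" <customer.care@britishairways.com>
To: victim@example.org
Subject: Important: your account data and 2 free tickets
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Dear customer, as apology we offer you two free tickets.</p>
<p><a href="http://ba-rewards-claim.example/claim?id=1">Claim your tickets</a></p>
<p><a href="https://www.britishairways.com/">British Airways</a></p>
</body></html>
"""

# Constructed legitimate-looking message, used to show the checks stay quiet.
LEGIT_MESSAGE = b"""Return-Path: <bounces@britishairways.com>
From: "British Airways" <customer.care@britishairways.com>
To: victim@example.org
Subject: Important notice about your data
Content-Type: text/plain; charset="utf-8"

Dear customer, please visit https://www.britishairways.com/ for details.
"""


def domain_of(header_value):
    """Lower-cased domain part of the first address in a header value ('' if none)."""
    _, addr = parseaddr(str(header_value))
    return addr.rpartition("@")[2].lower()


def is_under(host, domain):
    """True if host is domain itself or a subdomain of it (plain suffix match)."""
    return host == domain or host.endswith("." + domain)


class LinkExtractor(HTMLParser):
    """Collects href values from <a> tags in an HTML body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)


def analyse(raw_message, expected_domain):
    """Return a list of indicator strings; an empty list means nothing was flagged."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = []

    # 1. Is the visible sender even on the brand's domain?
    from_domain = domain_of(msg.get("From", ""))
    if not is_under(from_domain, expected_domain):
        findings.append(f"from-domain:{from_domain}")

    # 2. Do the bounce and reply addresses point somewhere else than the From?
    for header in ("Return-Path", "Reply-To"):
        value = msg.get(header)
        if value:
            header_domain = domain_of(value)
            if header_domain != from_domain:
                findings.append(f"{header.lower()}-mismatch:{header_domain}")

    # 3. Does any hyperlink in the body leave the brand's domain?
    body = msg.get_body(preferencelist=("html", "plain"))
    if body is not None:
        text = body.get_content()
        if body.get_content_subtype() == "html":
            extractor = LinkExtractor()
            extractor.feed(text)
            hrefs = extractor.hrefs
        else:
            hrefs = re.findall(r"https?://\S+", text)
        for href in hrefs:
            host = (urlparse(href).hostname or "").lower()
            if host and not is_under(host, expected_domain):
                findings.append(f"offsite-link:{host}")

    return findings


if __name__ == "__main__":
    for label, raw in (("phish", PHISH_MESSAGE), ("legit", LEGIT_MESSAGE)):
        print(label, analyse(raw, LEGIT_DOMAIN))
```

Run against the constructed phishing message this flags the Return-Path, the Reply-To and the claim link, all on ba-rewards-claim.example, while the legitimate sample produces no findings. A mismatch between From and Return-Path is not proof of phishing on its own (mailing-list software and bulk senders produce it routinely), which is why it is reported as one indicator among several rather than as a verdict.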

So there we have it, a quick and simple introduction to how one criminal group can quickly jump on the bandwagon and exploit another criminal group’s actions, preying on people who are easily exploited because they are under pressure dealing with the first problem. Talk about kicking a person when they’re down!