Targeted Email Attacks - October 26 - Fake “Halloween Briefing Points” from the Navy Safety Center

This blog provides examples of socially engineered and/or specifically targeted spear phishing emails, intended to spread trojans and malware. These examples are generally focused on the China/Taiwan analyst community in Washington, D.C. (More Background)

October 26 - Fake “Halloween Briefing Points” from the Navy Safety Center

I found this very amusing. It is a lazy spearphish type email using the upcoming Halloween holiday as a lure. At first I wondered if it used to be different types of briefing points originally, and the text was just changed? There is an extra space in the text before “Halloween,” which is why it seemed like it was edited. But then I went to the website of the Navy Safety Center, and they actually have Halloween Briefing Points in a PDF and a PP presentation on Halloween hazards! Not sure why, but there you are. (Screenshot for posterity).

Again this came from an unknown to me sender. We were not the only ones who got this, anyway, as TrendMicro posted about the same email. (Although when I originally submitted it to VT, they did not have a detection for it, although it had a decent 37.2% detection rate.)

The email header showed the originating IP as being a restaurant in Philadelphia, which I thought was interesting. Doubt the restaurant was open at the time, given that it was sent at 4:40am…

Subject: Fwd: Halloween Briefing Points
MD5: 926313fbe5289125af4bf65440bf3036
Originating IP: 75.150.170.174

harmerqjp likes this
nickthejam likes this
targetedemailattacks posted this

25 notes Source: lottaworld.com #pdf #navy #military #briefing #holiday

Short URL for this post: http://tmblr.co/ZCE6oxBJcCbu