If you were given the chance to be an extra in the next Transformers movie and meet Megan Fox, would you do it? American airmen fell subject to an internally organized phishing scam in the form of a fake e-mail, inviting the airmen to be extras in the upcoming Transformers movie and essentially to meet Megan Fox.
“Spear phishing” is when a hacker targets a specific group of people, as opposed to a regular phishing attempt that targets a random and general population. In this case, young airmen were the targets, and the bait was, well, Megan Fox. The e-mail prompted the airmen to fill out an application form to be considered, but by filling out the form they would give out sensitive information that could potentially be used by hackers to gain more access to Air Force networks. The most surprising part? The Air Force themselves engineered the ploy in an attempt to reveal security flaws and raise awareness for this type of scam that could potentially cause serious problems for the Air Force infrastructure.
What surprised the military however was just how many of their airmen actually fell for this ploy. They did not release the actual number, but officials said that it was much bigger number than expected. This just shows that even military personnel which are trained to be security minded can fall for these types of tricks.
The reason that the Department of Defense has publicized this spear phishing test and the results was to reveal security flaws and raise awareness around this type of scheme. encourage any military personnel that think they fell for an e-mail of this kind to report it as soon as possible, and hopefully patch up the security vulnerability it created.
(Via Free Republic)