Stolen Stratfor mailing list used to Rickroll customers... This time


If your email address was one of the thousands stolen from Stratfor and published by Anonymous, you may have received an unusual email this morning purporting to be from the CEO of the security firm.

The email claims to be an announcement from George Friedman about changes to Stratfor services, including making their premium content available for free due to the inconvenience of their services being unavailable.

Stratfor spam message with Rickroll

There are a few signs for anyone with a keen eye that this is a prank... The link at the beginning of the email that invites you to "Rate Stratfor's incident response" leads to a page called "butthurtreportform.jpg".

Another clue might be the reference to "the recent intrusion by those deranged, sexually deviant criminal hacker terrorist masterminds" at the end of the message.

While being Rickrolled is often funny, and you can be sure I'm never gonna give you up, it could have been a much more dangerous phishing attack.


Considering the enormous number of email addresses lost in 2011, nearly all of our email addresses are known to attackers, often along with the knowledge of who we have done business with.

This makes us extra vulnerable: in one careless moment we may believe the message really is from Stratfor, our bank, Marriott Rewards, Walmart, Sony or any other company that lost our personal details.

Stay alert, folks, and I hope Rick Astley can help you roll comfortably into an enjoyable weekend.


About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.