We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Spear-phishers lie in wait at 'watering hole' websites

Targeted spear-phishing attacks are going after not just individuals but entire websites that function as "watering holes" for groups of people with focused interests, according to security company Websense.

Spear-phishing is most associated with targeted attacks, typically via malware-loaded email, intended to take over an individual's computer to spy or steal something important from the victim. But a more recent trend in spear-phishing is the targeting of entire websites in order to have a crack at a community of individuals whose computers you'd like to compromise, says Chris Astacio, security research manager at Websense.

RELATED: Whitelisting pushing out antivirus at some security-minded retailers

In this "watering hole" attack, the goal is to compromise a website to understand who visits it and why, and place malware on it to try and target these visitors, Astacio says. For the attackers, "the idea is that they lie in wait," he says, watching what individuals do in order to target them.

Websense says it believes examples of known "watering hole" attacks now include the Institute for National Security Studies website in Israel which in May was discovered to be injected with malicious code. Around the same time, the Amnesty International U.K. website was compromised with a remote-access Trojan, and in August the Nepalese government websites were compromised with a similar type of Trojan.

These kind of "watering hole" incidents "may be a way for nation-states to garner additional information from a select audience without having to know the contact information or specific lure likely to compromise a target," Websense says in its notes. "This could be considered reconnaissance leading to more specific targeting and a more traditional spear-phishing attempt."

Traditional spear-phishing attacks have become commonplace and are regarded as the first step in serious financial crime or business and government espionage. The White House, for instance, just this month acknowledged a spear-phishing attack may have come from Chinese hackers.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: [email protected]

Read more about wide area network in Network World's Wide Area Network section.

IDG UK Sites

Windows 10 for phones UK release date, price and new features: When will my phone get Windows 10?

IDG UK Sites

Three of the most expensive Limited Edition games ever made: Who's buying a $1,000,000 game?

IDG UK Sites

The future of Microsoft Surface: What to expect from the Surface Pro 4

IDG UK Sites

Best Mac: Apple Mac buyers guide for 2015: iMac, MacBook, MacBook Air, MacBook Pro, Mac mini and...