Check Point security evangelist Tomer Teller talks about the recent Sony PSN Breach
The largest personal data breach in history happened recently, with approximately one hundred million Sony PlayStation Network and Sony Online Entertainment customers' credentials being stolen. Security Evangelist Tomer Teller makes these comments about the breach:
"We aren't yet sure if credit card numbers were stolen, but we do know that the usernames, emails and billing information were stolen. Even without credit card numbers, attackers now have 100 million email addresses for direct SPAM.
They can now tailor a specific message to each one of these Sony customers based on the information they now have. Unlike a standard spam message, which is usually very generic since the spammer has no clue who the person behind the email is, the attackers can now have all the information they require. The attackers can look that Sony subscriber up using social media sites (Facebook, Twitter, LinkedIn, etc.) and tailor a specific spam message that is based on the user preferences, traits etc. For example, if one of those 100 million users' Facebook page says that he likes cats and classical music, the attacker can craft a seemingly legitimate message that integrates these two pieces of information and create a sense of intimacy that is quite the opposite of a typical spam message.
Compare a standard spam message:
The new Viagra really works!
With this crafted spam message:
Dear Mr. Brown,
The new classical music collection is out there… Buy 2 and you get free food
for your cat Pinky! Click here to receive your free coupon.
This message looks less generic and the odds that Mr. Brown clicks on the link are much higher!"