A spear-phishing assault or personalized e-mail scam, circulating online, cites the NSA as well as exploits the recent news regarding an unauthorized intrusion into SecureID tokens of RSA, thus published Cyveillance in news on July 22, 2011.
With spoofed sender's address as though the e-mails originated from
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
, the messages provide a web-link that leads the user maliciously onto a URL named national-security-agency.com that as per Cyveillance was registered just 24-hrs prior to the execution of the spam campaign.
Incidentally, clicking on this web-link has now necessitated altering 40m security key programs, most of which aided in protecting vital military and industrial secrets, says Cyveillance. It (Cyveillance) has currently seized reports and instances related to many versions of the bulk phishing e-mail largely with the header "Security Token Update" or "Token Code Update."
...
