The Syrian Electronic Army (SEA) phished Google Apps accounts belonging to Onion employees using three separate methods. On May 3, 2013, the SEA sent phishing emails to Onion employees from address that appeared odd. They sent these emails to just a few Onion employees. This kept the SEA from being detected.
One Onion employee fell for the phishing attack. Once the SEA had access to this employee’s account, they used it to send the same email to multiple Onion employees. Here’s what happened:
The third phishing attack was the final one; it compromised two more accounts. One of the accounts was used for Onion’s Twitter account. Once the third attack occurred, the editorial staff at Onion published articles referencing the attack. One of the articles is noted here:
Syrian Electronic Army Has A Little Fun Before Inevitable Upcoming Deaths At Hands Of Rebels | The Onion – America’s Finest News Source.
These articles made the SEA angry, and in retaliation they posted editorial emails on Onion’s Twitter account. The staff at Onion decided that none of their accounts were safe because there was no way to tell which accounts had been compromised, and which hadn’t. So all Onion employees were required to reset their passwords.
Ensure This Doesn’t Happen to You
The SEA wasn’t using complex methods of attack. This becomes clear when we examine incident, and others like this one such as the Guardian and Associated Press attacks. All of these attacks were accomplished using simple phishing strategies; possibly using dictionary attacks, that are easily preventable if you employ a few simple security measures.
Have questions about your business technology security? Give us a call and book a time with our Information Technology security experts today. We are your technology support experts, we are here to help you.
Published On: 16th May 2013 by Ernie Sherman.