Simply analyzing the phishing message's contents would not reveal anything out of the ordinary. Unlike regular phishing e-mails, all links and e-mail addresses were legitimate. There were no bogus Web sites and no Trojan horse executables to install. Rather, the attackers were essentially instructing the victims to open up their e-mail server for spam relaying.
Upon opening this message, Bob suspected the scam immediately. His suspicions were confirmed 10 minutes later when he received an identical message from another vendor. Other users have not been as lucky.
I'm already aware of several clients who've fallen for this scam. In each case, the victim remembered getting a similar sort of email message when they first signed on with a service and, thus, thought the bogus message was legitimate -- especially because their cloud/hosting providers keep bragging about all the new data centers they're continuing to bring online.
Other phishing messages have instructed users to disable their host-based firewalls and to open up unprotected network shares and enable overly permissive peer-to-peer file sharing. It makes the old days of hoax messages that caused users to delete legitimate operating system files seem relatively harmless.
As with any suspected phishing e-mail, recipients should contact the purported sender through a separate, out-of-band method to confirm the message's legitimacy. Moreover, you should update your end-user education materials to include these sorts of phishing e-mails.
This story, "Fraudsters hone their attacks with spear phishing," was originally published at InfoWorld.com. Follow the latest developments in security and read more of Roger Grimes's Security Adviser blog at InfoWorld.com.