Fake Facebook Profile For NATO Senior Commander Used To Phish Senior Brass

A fake Facebook profile for NATO Senior Commander James Stavridis, a US Navy Admiral, was used to trick senior officers in both the U.S. and British military to becoming friends.

A fake Facebook profile for NATO Senior Commander James Stavridis, a US Navy Admiral, was used to trick senior officers in both the U.S. and British military to becoming friends.

The spear phishing attack is of unknown origin and is believed to have divulged a wide range of personal information of senior military brass that could be used in subsequent, targeted attacks, the Telegraph reported.

A fake Facebook profile for NATO Senior Commander James Stavridis, a US Navy Admiral, was used to trick senior officers in both the U.S. and British military to becoming friends.

The spear phishing attack is of unknown origin and is believed to have divulged a wide range of personal information of senior military brass that could be used in subsequent, targeted attacks, the Telegraph reported.

Stavridis, NATO’s Supreme Allied Commander Europe, headed up NATO operations in Libya and is a regular user of social media. The Admiral maintains an active Facebook page and a blog on NATO’s Web site, where he discourses on NATO policy, his travels to global hot spots and his official duties.

The impostor page has since been taken down. It isn’t known how long the page was active for or who was tricked into “friend-ing” the fake James Stavridis. The Telegraph cites unnamed sources saying that military officers and diplomats were told the attacks were tracked to “state sponsored individuals in China.”

Officials say it unlikely that the attacks would have yielded any classified data. However, it likely divulged personal e-mail addresses, dates if birth, phone numbers and a wealth of information on the military and defense officials social network that could be used in subsequent targeted attacks.

Impersonating well known figures on Facebook and Twitter is easy to do, though both companies will remove fraudulent accounts when made aware of them. Facebook said in February that it will allow high profile members to verify their account and begin using nicknames to identify themselves. The company says the new feature will allow celebrities and other Facebook VIPs to get higher billing on Facebook and attract more followers. However, its unclear whether the offer was extended to prominent members of the military or government. As of this writing, Admiral Stavridis had not taken advantage of the verified account feature.

Suggested articles

plugX malware loader TA416

TA416 APT Rebounds With New PlugX Malware Variant

The TA416 APT has returned in spear phishing attacks against a range of victims – from the Vatican to diplomats in Africa – with a new Golang version of its PlugX malware loader.

Discussion

  • Anonymous on

    Worse written article ever.

  • Anonymous on

    Why are some American flag and general officers social media whores and act like kids with friend requests? Act like a professional military officer and not a Hollywood starlet!

  • Anonymous on

    Same paragraph used twice???

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.