"Advanced Phishing Campaign" against Wipro hits aerospace, defense, banking, healthcare, automotive, oil and gas outsourcing clients
A Forbes story reports that "an advanced phishing campaign" against giant outsourcing supplier Wipro (read the story here) knackered "at least a dozen" of the firm's customers. "Advanced phishing" my ass! Wipro's DMARC email spoofing/phishing enforcement is set at "don't bother." That's right. No action is taken against DMARC policy violations ("p=none"). According to the article, Wipro "…had been compromised for some time…" Which leads me to speculate that a good deal more than a dozen of their customers have been infiltrated. Wipro CISO Sridhar Govardhan needs to…uh…be Applying Thought to doing his job. Sridhar, if your caller ID shows HSBC, Citi, MetLife, Walmart, Best Buy, Vodafone, T-Mobile, HP, or Nokia, to name just a few, you might want to let it go to voice mail.
You see, even though HSBC, Citi, and Walmart are protected against email phishing/spoofing themselves, they trusted Wipro. Hence, you guys roached their supply chain. Yep, go to voice mail, Sridhar!
You probably won't get calls from MetLife (an Agari customer), Best Buy (a Proofpoint customer), Vodafone (protected by some schmucks at DMARCAnalyzer.com), T-Mobile (not protected by anybody), HP (their home-rolled DMARC is set to "p=none"), or Nokia (their home-rolled DMARC is also set to "p=none"), because all these guys have schnuck CISOs.
So, uh, what kind of music do you have playing on your phone tree while people are waiting? They're probably steaming their own Twisted Sister rendition of "We're Not Going To Take It" and doing so with gusto.