Hackers research decision makers by browsing social networks, reading up on news about the company, and creating e- mails and links that appear to be genuine and come from people that the targets know.
'Flipping Burgers'
"Phishing is on a different trajectory than it's been in the past," said Malcolm Harkins, Intel's chief information- security officer.
Intel was targeted a few years ago, when Chief Executive Officer Paul S. Otellini opened a hacker's e-mail that looked like it came from a federal circuit court in relation to legal proceedings.
Hackers have many motives, including making mischief, selling information for profit or stealing trade or military secrets. While many of the attacks seem sophisticated, the majority require little programming knowledge because people in the companies do the work for them, Rasch says.
"It beats flipping burgers for a lot of these guys," he said.
Their forays can be aided by workers who place their trust in digital communications despite warnings they should be more cautious.
Faux Vixen
In early 2010, security specialist Thomas Ryan created a fictional online-security analyst using pictures taken from a pornography-related website. Through e-mail and other online correspondence, he said he gained access to e-mail addresses and bank accounts, learned the location of secret military units based on soldiers' Facebook photos, and connections between people and organizations.
The fictional woman received private documents to review, speaking requests and job offers from Google Inc. and defense contractor Lockheed Martin Corp., Ryan said.