Phishers target book publishers in new campaign

News by Rene Millman

Attackers look to steal new book manuscripts and personal information about authors, according to firsthand accounts from publishers and agents.

Book publishers have warned staffed over a new campaign by phishers to steal information about authors and publishers as well as book manuscripts.

According to reports in the book trade publication The Bookseller, scammers are aiming at literary agencies, asking for manuscripts, authors’ details and other confidential material.

The phishers have pretended to be from literary agent Catherine Eccles, owner of the international scouting agency Eccles Fisher. However, any reply emails go to a different domain with a slightly altered address.

Eccles said that whoever is behind the phishing attempt has "inside knowledge".

"This is from someone with knowledge of our industry and who we work with. It could be very damaging to our reputation. We want to stop it and encourage others to be vigilant," she told the Bookseller.

A further report found that this incident has led to Penguin Random House (PRH) North America warning its staff about such issues before the opening of the Frankfurt Book Fair.

"We have recently seen an increase in attempts to steal our manuscripts. This has occurred in multiple locations across the globe. The individuals attempting to access these manuscripts have a sophisticated understanding of our business. We need to protect ourselves from these threats," read the PRH email with the subject line "Important: New Phishing Alert," according to a further report from the Bookseller.

The email urged PRH staff to be "extremely careful" about confidential information such as "manuscripts, user IDs, passwords, social security numbers, credit card numbers, bank account numbers, W-2s [US tax forms] and/or wire transfers".

A spokesperson for the publishers confirmed the warning to staff and said that employees need to be aware of such attacks.

"Like all companies, Penguin Random House takes all reports of phishing activity and email scams seriously and, when appropriate, notifies its employees to recognise and prevent such attempts. Employee awareness and training… is a critical component of our company’s cyber-security program," said the spokesperson.

Phishers have also reportedly targeted PRH UK, Pan Macmillan and another unnamed publisher. The phishers are using the same techniques of sending legitimate-looking emails with spoofed addresses, supposedly sent by literary agents and foreign-rights staff, in order to access manuscripts.

Paul Ducklin, senior technologist at Sophos, warned that people should not get lulled into a false sense of security because this "seems like such a targeted attack that you can relax if you aren't in the publishing industry".

"This is just a specific example of the very broad-brush criminal tactic of social engineering, using content tailored for the companies the crooks are focusing on right now. Don't be surprised that the crooks have figured out that it's more believable to ask publishers about manuscripts and authors than about, say, prescription medications and drug testing protocols," he told SC Media UK.

"Adapting this sort of email to any number of different industries is trivial, and there's no special reason why you won't be next. Just remember, when it comes to data that an email is squeezing you into revealing: if in doubt, don't give it out," Ducklin said.

Oz Alashe, CEO of cyber-security training platform CybSafe, told SC Media UK that users should mindful of any situation involving payment to an individual or business or the emailing of client manuscripts.

"Look at the email holistically – at the appearance, the language, and the source of the email. Through this, you can begin to make an accurate judgement about whether an email is genuine or fraudulent," he said. 

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews