Kochi - the background
Spear Phishing is a serious problem. It affects many major corporate and Educational IT systems. In basic terms, it is a directed attack against the weak point of all IT systems - the end user.
During the early part of 2008, many UK and US Higher Ed. institutions experienced a significant number of spear phishing attacks. In many cases these attacks were blocked by inbound message filtering, but several institutions experienced messages reaching their users.
In those cases, when these messages did get through a small number of users responded and included their local logon credentials. Their accounts were subsequently abused - mostly to send out large amounts of Spam, but occasionally to further propagate spear phishing attacks against other educational systems.
The transient damage done to the affected institutions was, in some cases, very serious as they found themselves blocked by the "big players" - Hotmail/Live, Yahoo!, AOL aswell as reputation providers like SenderBase and DNSBL providers such as SpamCop. Although the resulting listings may have only lasted a short time (of the order of 2 to 4 days in some cases), the longer-term damage in terms of trust caused both within and external to these organisations could be very serious. Additionally, these events cause significant stress for the IT staff involved in the cleanup operation.
The name is taken from the Japanese port city of the same name whose most famous dish is katsuo tataki - seared and seasoned tuna. We might not like phishing, but we like fish!