On the morning of Dec. 2, attackers logged into CheckFree's domain name registration account at Network Solutions and redirected Internet traffic away from CheckFree's systems to a rogue server located in the Ukraine. During an incident that lasted just under five hours, CheckFree customers trying to connect with the company's Web site were attacked with code that exploited a bug in Adobe's Reader software.

But security experts said Thursday that the groundwork for this attack may have been laid in late October, when Network Solutions customers were targeted in a phishing attack.

In , Network Solutions customers were sent an e-mail crafted to look like it came from the domain name registrar, asking them to enter their account information on a Web site controlled by the criminals. When these attacks are directed at a small but carefully targeted group of victims, they're called "spear phishing" in the security industry.

Network Solutions was one of at least domain name registrars that were targeted with this attack, said Susan Wade, a Network Solutions spokeswoman. Nobody knows how the CheckFree hackers accessed the domain name account, but they entered the correct password on their first attempt, she said.

Anti-Phishing Working Group Chairman Dave Jevans believes that the October phishing attack may have been to blame.