Login, change your address, subscribe to new or manage current magazines or e-newsletter subscriptions
ComputerWorldNetwork WorldCIO CanadaCIO Canada Governments' ReviewJobUniverse Canada
Advanced Search
Knowledge Centres
Content Types
Featured White Papers
Unlock the potential of data with the right data warehouse solutionUnlock the potential of data with the right data warehouse solution read more
IBM Multiform Master Data Management: The evolution of MDM applicationsIBM Multiform Master Data Management: The evolution of MDM applications read more
Closing the data privacy gap: Protecting sensitive data in non-production environmentsClosing the data privacy gap: Protecting sensitive data in non-production environments read more
Yuk it Up
Act to Amend the Copyright Act
Want a copyright law that protects spyware and virus writers? If not, sign our petition to amend Bill C-61
Featured IT Quiz
IT Quiz: Test yourself to see if you have the knowledge to fit into the open source world, and compare yourself with the rest of the respondents
Featured White Papers
This white paper details Intel's current and future energy-saving initiatives to reduce costs and support business goals. Learn how Intel IT is extending its efforts to be a role model enterprise IT organization by supporting the Climate Savers Computing Initiative, which aims to drive a 50 percent reduction in computer-related CO2 emissions worldwide. No registration required.
Sign-Up for
Communications Infrastructure
eNewsletter Delivered Weekly
Click here
Page 1 of 2

Social engineering propels e-card virus

If you haven’t done so already, perhaps it’s time to remind your users about the hazards of clicking on e-mail attachments from unknown senders.

Security researchers have detected a significant surge in the number of spam attacks in July containing variants of the Storm worm, a Trojan that turns infected PCs into an army of hacker-controlled botnets. This type of worm was first detected last January.

E-mail and Web security services firm MX Logic has reported a 1,700 per cent spike in the number of worm-related e-mail attacks containing payload files that are new variants of the Storm worm.

The most common of these types of e-mails are those that purport to contain a greeting card attachment, according to Sam Masiello, director of threat research at MX Logic in Englewood, Colo.

The attached fake greeting card contains a link that triggers the download of a piece of malware that then scours the system for specific vulnerabilities. The vulnerability is then exploited by the attacker to gain control of the system, Masiello explained.

“If you can make your message look legitimate and if you can convince the user that what they are about to open is something that they want to open or an attachment that they would like to click on, then your campaign is likely to be successful,” he explained.

Botnets are proving to be financially rewarding for hackers for the various purposes they can serve, from worm propagation and mass spam distribution to launching targeted denial-of-service attacks, Masiello said, adding he expects these types of attacks to continue.

“With the size of the botnet army that they have at their disposal to launch new variants coupled with the success of the social engineering tactics that they have been using, I don’t expect to see Storm falling off the map anytime soon,” Masiello said.

Seen elsewhere

Symantec Corp’s recent Spam Monthly Report has shown a similar trend of rising e-card spam in the month of July.

“The link (to the attachment) in these cases was an exposed IP address, which is a clear indicator that it isn’t a greeting card from an established and reputable e-card service,” the Symantec report said.

Just last month, however, security vendor Fortinet cited on its State of Malware Report a general decline in the number of mass-mailing worms since the start of the year. On the average, the report said, e-mail worms decreased by five per cent each month.

The decreasing trend was attributed to attackers shifting to more targeted attacks, rather than indiscriminate mass mailing, according to Bryan Lu, project manager for the Fortinet Global Security Research Team.

Lu also attributed the reported drop in e-mail worms to increased end-user awareness about social engineering tactics involved with this type of attack, knowing better now than to click on attachments from unknown senders.

But the rising number of bot-infected computers is an indication that social engineering tactics are still an effective attack mechanism, according to Masiello.

Page 1 of 2
Send to a Friend  Rate This Page  Print This PageAdd a new comment
Bookmark this article on:
del.icio.us| Digg it| Furl| Google| Technorati| StumbleIt| Yahoo!

Have something to say about this article? Add a new comment

If you find a comment inappropriate, You can notify the moderator by clicking the Report an innapropriate comment icon.
ADD A COMMENT
Name:*Your email address will not appear online and will be used only in the event that the editor wishes to contact you personally for additional comment.
City:
Email:
Title:*
Comment:*
* required fields



Related Content
Articles

Special Advertising Partners
IDC Case Study: Identity And Access Management Buying Criteria.
IDC analyses IAM buying criteria and deployment at Coppin State University. Coppin State replaces "first generation" IAM solution to obtain benefits needed for today's agile enterprise: ease of integration, rapid deployment, simplified compliance, flexibility.
White Papers
Closing the data privacy gap: Protecting sensitive data in non-production environments
How can IT organizations protect sensitive data, including employee and customer information, as well as corporate confidential data and intellectual property? Industry analysts recommend "de-identifying" or masking data as a best practice for protecting privacy. This white paper explains the importance of closing the data privacy gap in non-production environments, and provides guidance on effective data masking. Complimentary with registration. Sponsored by IBM.
Unlock the potential of data with the right data warehouse solution
Once you've made the decision to implement a new data warehouse, you want to make sure you choose the one that's right for your organization. This buyer's guide provides checklists for starting points that you can use when evaluating vendors and their products. Complimentary with registration. Sponsored by IBM.
Prepare for a more efficient SAP implementation: Take data issues off the critical path
This white paper outlines how the Preliminary Data Assessment Appliance (PDAA) from IBM can help address the challenges of integrating data from different operational applications across the enterprise to an SAP platform. Complimentary with registration. Sponsored by IBM.