Resist the Latest Business Phishes

The latest spam can take the form of a subpoena purporting to be from a United States District Court, a calendar invite, or an IRS refund, in 'net cast wide' blasts or more targeted 'spear phishing' usually aimed at businesses.

Those are some of the examples from a draft of Symantec's 'State of Spam May 2008' report sent out this morning. Along with the expected stats (80 percent of all e-mail is spam, and the U.S. remains the top spam source), the report provided some examples of new dirty tricks that can target your business.

One trick sends an e-mail that appears to be a subpoena from a District Court, with a link provided to download more documents. The image looks like it's targeted at a particular person at a specific business, which fits the bill for a custom 'spear' phish. If said person followed the download link, they'd have pulled in a keystroke-logging Trojan, according to Symantec.

These spear phishes aren't new, but they are dangerous. Their more careful crafting requires a more discerning eye. I previously wrote about other examples that faked messages from the Better Business Bureau or IRS.

One new, if uncommon, type of spam listed by Symantec comes in the form of a calendar invite. An attached 'invite.ics' beckoned the recipient to take part in the classic Nigerian 419 scam, a new twist on an old approach.

Then there's this seeming IRS e-mail about a tax refund. Per Symantec, clicking the link would only take you to an online vampire game instead of stealing your info, but fake IRS messages are definitely something to watch out for, especially at tax time.

One last tip: spear phishes that target businesses can be particularly hard to recognize, even when you're careful. If you're at all unsure about an e-mail attachment, upload it to Virustotal.com, which scans any uploaded file (up to 10MB) with more than 30 different antivirus engines. The engines are usually set to max settings so you'll usually get one or two false alerts, but it's an otherwise terrific (and free) way to see if a file's safe.

TAGS:

Recommend this story?
Vote Yes
Vote No
0 Yes
0 No
Email
Comment

Community Comments

News For Your Business

More News

News

Business Center - August 29, 2008
Bracing for Gustav, Oracle and Google Woes This is typically one of the slowest weeks of the year for IT news, but the approach of Hurricane Gustav has Gulf Coast IT...
Smart Phones - August 29, 2008
IPhone Photo Scavenger Hunt Is Afoot Software vendor Platial, maker of the free location-based program Nearby, is running a scavenger hunt for iPhone users this weekend.
Web-based Applications - August 29, 2008
Quick Fix for Firefox 3 Bug with Yahoo Mail If you're missing scrollbars in Yahoo Mail, here's how to get them back.
Business Center - August 29, 2008
Humax Looks Into Set-top Box Future With the iCORD Hybrid set-top box, manufacturer Humax shows some of what it has in store at the IFA electronics show in...

Featured Resources

Premier Content From Our Sponsors

HP Ink Center You don't need a big budget to produce high quality marketing materials. Click here for more info...
CDW Virtualization Center What is Virtualization and how can it help you save money? Click here for more info...

Featured Whitepapers

White papers, case studies and product info from top brands

Applications, Virtualization and Devices: Taking Back Control Employees installing legitimate but unauthorized applications, are a real and growing threat to business security and productivity. Removable storage media and wireless protocols make the challenge of securing data even more complex. This paper expl...
The Evolution of IT Operations Effective IT operations are the baseline for successful businesses. Effective IT service delivery is the baseline for effective IT operations. Delivering high-quality services requires well-designed and highly automated IT operations processes in lo...