Agency Users Becoming Common Target of Spammers and Phishers
Sophos, an anti-malware vendor, claimed that the amount of spam increased to 96.5% of total business mail between April and June 2008. This points out that one out of 28 business mails is authentic.
Sophos informed that US holds the 1st position of sending the maximum number of spam. Russia grabs 2nd position, followed by a recent entrant Turkey acquiring the 3rd position.
Senior Technology Consultant at Sophos, Graham Cluley said that hackers are increasingly defeated by the companies anti spam techniques at the mail gateway, as reported by Contractor UK on July 21, 2008.
Graham also informed that they are adopting measures to put a halt on attackers and restrict them to send mails to targeted users. For this, hackers are accessing to networks like Facebook to launch spam messages on the profile of other users, as these profiles not just viewed and read by the owner, but by others also who visit his or her page.
According to security analysts, spam distributed via Facebook, Linkdeln and Bebo is not higher than through the conventional mode of mail spam. But it is growing fast.
The security vendor also explained that besides spam, phishing has become a tough genre to deal with. And it has become very difficult for user to distinguish between authentic mails and fraudulent messages.
According to security vendor, phishers have retorted to what seems to be authentic mails coming from govt. agencies, but they are fake mails directing recipients into revealing their private data or install a harmful payload on their system.
Sophos also informed that spear phishers could create authentic addresses by making use of list of employees found on the networks of social media like Linkdeln or Facebook.
The security vendor also claimed that phishers and spammers are always on a hunt for credulous users to achieve the spamming or phishing goals. Also, they make use of links to tantalize innocent users to fake sites that appear just like the original sites of the firm, organization or the agency they are imitating.
Security analysts claimed that if users follow the guidelines and reveal their private data on the site, it would end up giving ID to thieves. The security vendor advises that to confirm the authenticity of the mail, users should call the agency or the company or can simply visit its site through a search engine.
Related article: AGMS Admits Falling Prey to Unsolicited Spam E-mails
» SPAMfighter News - 01-08-2008