PhishMe Observes that Phishing E-mails Passing through Anti-Spam Filters
Virginia-based security and anti-spam company, PhishMe recently released a survey report comprising 250 security professionals of sample size at this year's Black Hat hacker conference in Las Vegas and found that more than two-thirds or 69% encounter phishing emails getting past anti-spam filters many times in a week. Almost a quarter of the respondents said that they see such phishing emails in their mailboxes very often which indicates that anti-spam filters are not working properly.
Literally phishing is a way of an e-mail attack that employs social engineering devices to lure recipient into a false sense of security that leads them into clicking on links within an e-mail. The e-mail may also have attachment that looks like original sites and Unicode URLs but in most cases, these remain hidden and unnoticeable for clients.
According to a report published by Darkreading.com on 7th August, 2012 quoting the comment of Scott Greaux, Vice President of Product Management at PhishMe. According to Greaux, many people who think that they are safe because of spam filter but rather has been observed to receive multiple spam messages daily in spite of installing anti-spam filter and no occasional phishing emails.
PhishMe rather claims that spear phishing has been at the top method of contaminating enterprise systems with malware. In the survey, more than one quarter of security professionals preferred that top executives or privileged users of their enterprises have been negotiated by spear phishing attacks during the last 12 months. Other 31% of network pros said they were unsure of whether their executives or privileged users had been struck with such spam attacks.
Almost 49% of the respondents confirmed that of receiving training once a year and 9% said their organization had no security training programs which increased the severity of being attacked as the users are naïve and easy victims of the attack.
Greaux says "Not only phishing email messages are contaminating the systems of the users but most of them are not even trained on what to do when they are being infiltrated with such bugs.
Hence, the survey by PhishMe reveals that security training is not a waste of time but sometimes existing methods are not adequate which need to be updated regularly.
Related article: Poison Ivy Compromises Computer and Accesses Stored Information
» SPAMfighter News - 16-08-2012