. Updated Daily. Editions SDA India   SDA Indonesia
BUSINESS ENTERPRISE SOLUTIONS ARCHITECTURE INFORMATION SECURITY WIRELESS & MOBILITY DATA & STORAGE DEVELOPMENT HARDWARE













News

Friday, 25 April 2008

Asian CEOs Beware! New Spear Phishing on the Rise!

 

 

Asia-based CEOs should beware of the recent spear-phishing attacks targeting their U.S. counterparts and stay on high alert for similar attacks against them according to security network infrastructure company SonicWALL.

Spear-phishing, a targeted attack at small groups and specific individuals, is one of the fastest growing types of security threats today and can be highly lucrative for the attacker.

The malware in question here -- CEO spear-phishing attack-- masquerades as an official e-mail subpoena from the U.S. District Court in San Diego. In the email, recipients are instructed to click on a link to view the subpoena in its entirety.

When users click on the link, spyware software launches capturing passwords and key corporate data such as company financials, merger and acquisition plans and correspondence with other executives and board members.

Given the rapidly evolving nature of phishing, SonicWALL recommends that Asian CEOs stay on high alert as phishers would have adapted the spear-phishing attacks specifically to an Asian context to launch against them.

In fact, the initial Trojan, first identified on April 14, 2008, has since morphed into a new variant with a new URL and a new version of the spyware.

“Spear-phishing works because the spam is so targeted that recipients feel obligated to act,” said Chee Heng Loon, Vice-President, Asia-Pacific, SonicWALL.

“We predict these types of attacks will increase in the coming years. Traditional spam detection is focused on identifying large bulk mailings versus spear-phishing attacks. To combat spear-phishing and other fraud activities, companies need to look at comprehensive and layered approaches to safeguard against such threats -- combine AV, intrusion detection, firewall, anti-spam, gateway defense.”

SonicWALL advices business users to do the following:

1. Do not open emails and attachments from senders you do not recognize.

2. Do not click on links embedded in emails. To access a website, always log in proactively by typing the URL of the website.

3. Users who receive phishing emails should report them to their IT department so that they are updated about the attacks

4. Change user passwords regularly and frequently.
 
 
print save email comment

print

save

email

comment
 
 

Search SDA Asia

Free eNewsletter
SDA Asia Magazine Free Download
 
 
 
Copyright @ 2009 SDA Asia Magazine - All Right Reserved Privacy Policy | Terms of Use