Social Enterprise

Targeted social engineering attacks on the rise


Reports from MessageLabs (Techworld) suggest an increase in targeted social engineering attacks. The attack consists of a mail with a Word attachment addressed to seniors executives with their names and designations included in the subject, making it appear as if the mail originated from a known source.

The surge, while unusual in its magnitude, follows an increase in the number of targeted attacks MessageLabs researchers have seen during the past few years, said Mark Sunner, chief security analyst for MessageLabs, in Gloucester, England.

Corporations have always been hot targets for harvesting information. The malicious mails are also being sent to personal mail-ids of the relatives and family members of corporate executives, perhaps in the hope that anyone using the PC can initiate a malware installation. What makes such targeted attacks (eWeek) hard to detect is that the mails are tailored and delivered to specific individuals. Also, with social engineering sites becoming more and more pervasive, mining data on individuals is not a very hard task.

Social networking has its pitfalls too, and personal precautions seem the safest solution.

2 comments
MGP2
MGP2

What's up with the ""? Bad parser or does that represent code used in the attack?

pr.arun
pr.arun

Thanks for bringing that up MGP2. I use the Firefox browser and prepared the article in MS Word. Tags such as are proprietary HTML tags created by Microsoft Word or another Microsoft application. Its interesting that FireFox avoids these but apparently IE does not !