Reports from MessageLabs (Techworld) suggest an increase in targeted social engineering attacks. The attack consists of a mail with a Word attachment addressed to seniors executives with their names and designations included in the subject, making it appear as if the mail originated from a known source.
The surge, while unusual in its magnitude, follows an increase in the number of targeted attacks MessageLabs researchers have seen during the past few years, said Mark Sunner, chief security analyst for MessageLabs, in Gloucester, England.
Corporations have always been hot targets for harvesting information. The malicious mails are also being sent to personal mail-ids of the relatives and family members of corporate executives, perhaps in the hope that anyone using the PC can initiate a malware installation. What makes such targeted attacks (eWeek) hard to detect is that the mails are tailored and delivered to specific individuals. Also, with social engineering sites becoming more and more pervasive, mining data on individuals is not a very hard task.
Social networking has its pitfalls too, and personal precautions seem the safest solution.