Following the news that CyberInt has discovered a re-emerging international phishing campaign that delivers Ramnit Worm/Botnet malware targeting financial organisations in Asia which it believes is heading for the UK as well, Corin Imai, senior security advisor at DomainTools offers the following commentary.
Corin Imai, Senior Security Advisor at DomainTools:
“Unfortunately, there is no one-size-fits-all advice against phishing campaigns, which maintain effectiveness because they are continuously edited and upgraded to look legit. Criminals consistently up their game, designing backsplashes and corporate-looking malicious landing pages, coupled with social engineering techniques such as impersonating an anti-fraud exercise, making it very tricky for people to recognise an email as fraudulent.
The stranger-danger rule of thumb should be applied to emails we receive, both on corporate and personal computers. An unrecognised sender should always be a red flag: even if most emails from unknown addresses are legit, the consequences of opening a malicious one are far too damaging to be worth the risk. Spelling mistakes or discrepancies in the text should be the second warning sign: very often it’s small details that give away the nature of a phishing attempt.
Any language of urgency should also raise concerns: ask whether the institution or person in question would ask for personal or financial details over email, if at all. When an email is asking to complete an action immediately, the best thing to do is to take the time to analyse the request and avoid the instinctive reaction of trying to resolve the matter as soon as possible.
Filtering systems for corporate emails can help organisations keep out criminal campaigns, but it’s training employees that will eventually make the difference between a successful attack and a diverted one.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.