How Malware Spreaders and Axed Employees Take Advantage of the Financial Crisis
The economic crisis that is going on at the moment is a terrible thing for companies that lose precious revenues and employees that are left without a job, so who could try to benefit from it? Malware spreaders of course! According to security vendor McAfee, a new spam run is making its rounds, using the economic crisis as a lure for gullible users. On top of that, it seems that the better part of fired employees walk out of the company with corporate data in their possession.
When money is tight, people naturally cut back their expenses, and it is this kind of people that the spam run is targeting. The whole process goes something like this: you get an email message in your inbox advertising some sort of bargain and the obligatory link. Curious to see what the bargain is all about, you click that link and are directed to a site that promotes free coupons. The guys responsible for the Waledac botnet are behind this and downloading the coupon list (couponslist.exe, sale.exe, or print.exe) will only result in your system getting infected with malware.
“In economically hard times, the malware authors do not rely only on clever and timely social-engineering, they also include a malicious IFRAME in the web site, which refers to malicious code trying to exploit unpatched computers with an additional drive-by infection. And furthermore the web site is craftily designed. The bad guys are using Geo-Location services to better target their audience. So when someone connects to the web site, they determine the geographical location on the fly and present the actual location in the web site texts. When a victim sees coupons for exactly his town, this will increase the demand for the bargain list,” explains Micha Pekrul.
As a rule of thumb, you should always be careful with offers that seem to good to be true (because most of the times that’s just what they are) and you should not click on links unless they originate from legitimate, trustworthy sources. If you are curious to see what other security problems you might encounter this year, take a look at McAfee’s 2009 threat predictions.
Moving on, a study conducted by the Ponemon Institute in 2008 which included a total of 945 adults from the US of A that lost their jobs (got fired, quit, changed jobs), revealed that about 60% of them took confidential corporate data with them when leaving: contact lists, email lists, non-financial business information and so on. The favorite method used by these employees for stealing data is to simply take paper files and documents when leaving the premises (61%), followed by copying data onto CDs or DVDs (53%), or sending the data as an attachment to a personal email account (less than 40%). The reasons for stealing the data range from starting their own business, to using it to hurt the company; but the main reason evoked by these people is using the data to get a new job.
“I’m not sure that malicious intent and future employment are mutually exclusive. Clearly the responses show that obtaining future employment was a significant motivating factor, but when we see a high percentage of individuals who took information knowing full well they were acting in violation of company policy, that hints strongly at the presence of malice,” says Larry Ponemon, chairman of the Ponemon Institute.
When money is tight, people naturally cut back their expenses, and it is this kind of people that the spam run is targeting. The whole process goes something like this: you get an email message in your inbox advertising some sort of bargain and the obligatory link. Curious to see what the bargain is all about, you click that link and are directed to a site that promotes free coupons. The guys responsible for the Waledac botnet are behind this and downloading the coupon list (couponslist.exe, sale.exe, or print.exe) will only result in your system getting infected with malware.
“In economically hard times, the malware authors do not rely only on clever and timely social-engineering, they also include a malicious IFRAME in the web site, which refers to malicious code trying to exploit unpatched computers with an additional drive-by infection. And furthermore the web site is craftily designed. The bad guys are using Geo-Location services to better target their audience. So when someone connects to the web site, they determine the geographical location on the fly and present the actual location in the web site texts. When a victim sees coupons for exactly his town, this will increase the demand for the bargain list,” explains Micha Pekrul.
As a rule of thumb, you should always be careful with offers that seem to good to be true (because most of the times that’s just what they are) and you should not click on links unless they originate from legitimate, trustworthy sources. If you are curious to see what other security problems you might encounter this year, take a look at McAfee’s 2009 threat predictions.
Moving on, a study conducted by the Ponemon Institute in 2008 which included a total of 945 adults from the US of A that lost their jobs (got fired, quit, changed jobs), revealed that about 60% of them took confidential corporate data with them when leaving: contact lists, email lists, non-financial business information and so on. The favorite method used by these employees for stealing data is to simply take paper files and documents when leaving the premises (61%), followed by copying data onto CDs or DVDs (53%), or sending the data as an attachment to a personal email account (less than 40%). The reasons for stealing the data range from starting their own business, to using it to hurt the company; but the main reason evoked by these people is using the data to get a new job.
“I’m not sure that malicious intent and future employment are mutually exclusive. Clearly the responses show that obtaining future employment was a significant motivating factor, but when we see a high percentage of individuals who took information knowing full well they were acting in violation of company policy, that hints strongly at the presence of malice,” says Larry Ponemon, chairman of the Ponemon Institute.
