Partner Perspectives  Connecting marketers to our tech communities.
SPONSORED BY
5/9/2017
11:00 AM
Malwarebytes Labs
Malwarebytes Labs
Partner Perspectives
50%
50%

Malspam Causing Havoc for Mac & Windows

Spam is a multi-platform, multi-vector approach to network compromise, and organizations need to weigh up the risks on all fronts to be able to combat it successfully.

Spam campaigns continue to be a major problem for businesses across the globe, serving up a mixture of malware, phishing, identity theft, and more. With scammers spiking activity in February after what appeared to be a bit of an extended holiday, malware spam (Malspam) attacks have returned in full force. Fax notifications, scanned images, resumes, and traffic tickets have all been successfully used as bait, often using password-protected documents and zipfiles attempting to defeat automated analysis.

Even as business shores up the technical side of things, Malspam authors hope to exploit the supposed weak link in the security chain – the non-security trained employee. A disaster of this nature poses a major risk both in public and behind the scenes. The two primary targets we see are finance and social media, and scammers hope to see a lethal combination of low/no security, and poor staff training in order to pull off a successful attack.

The soft HR/Finance Underbelly
If an unwary employee in HR or finance receives a "late payment" or tax invoice missive, there is a good chance they won't stop and think before opening the infected file (usually via the password pasted into the email itself - another evasion tactic). If this happens on a network with no suitable protection in place, that organization is looking at downtime, data theft, and even a dose of ransomware for their troubles.

From banking Trojans and clickfraud to "pump and dump" stock campaigns, the playing field for these attacks is a large one and it's essential that a layered defense goes hand in hand with regular, thoughtful training sessions for those guarding the financial keys to the kingdom.

Financial Lockdown
Give your HR and finance teams an insight into the world of fake tax invoices. Let your CFO know about the ever-present threat from CFO fraud spam, along with ways to spot a fake. If you don't have a "two factor" method for authenticating wire transfers, do it now, or risk losing hundreds of thousands of dollars, or even (in the worst examples) millions to a CFO scammer. Just one incident could not only cause endless column inches about how badly your company got it wrong, but conceivably put you out of business.

Even your social media accounts aren't free from spam worries; we often see fake accounts pretending to be real companies that insert themselves into customer support conversations on Twitter in an effort to send victims to phishing or malware pages. Typically, they do this when the official Twitter support account isn't being used, so by the time the staff log in the next day it's too late.

Companies may wish to divide social media duties between different time zones to combat this, and also backtrack on conversations to ensure scammers haven't worked themselves into the debate. If it's possible to verify the identity of your account on a particular service, this will definitely help to prove your credentials. It's essential to explain to the people responsible for these social media accounts what dangers lurk, or else they can't effectively safeguard the interests of your customers on a daily basis.

Spam is a multi-platform, multi-vector approach to network compromise, and we need to weigh up the risks on all fronts to be able to combat it successfully. Whether finance or front line social media support, the time is now to take action and shore up those defenses.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
New Cold Boot Attack Gives Hackers the Keys to PCs, Macs
Kelly Sheridan, Staff Editor, Dark Reading,  9/13/2018
Yahoo Class-Action Suits Set for Settlement
Dark Reading Staff 9/17/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Malwarebytes protects businesses against malicious threats that escape detection by traditional antivirus solutions. Malwarebytes Anti-Malware, the companys flagship product, has a highly advanced heuristic detection engine that has removed more than five billion malicious threats from computers worldwide. SMBs and enterprise businesses worldwide trust Malwarebytes to protect their data. Founded in 2008, the company is headquartered in California with offices in Europe, and a global team of researchers and experts. For more information, please visit us at www.malwarebytes.com/business.
Featured Writers
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17229
PUBLISHED: 2018-09-19
Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
CVE-2018-17230
PUBLISHED: 2018-09-19
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
CVE-2018-17231
PUBLISHED: 2018-09-19
** DISPUTED ** Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third par...
CVE-2018-17228
PUBLISHED: 2018-09-19
nmap4j 1.1.0 allows attackers to execute arbitrary commands via shell metacharacters in an includeHosts call.
CVE-2018-8889
PUBLISHED: 2018-09-19
A directory traversal vulnerability in the Connect Service of the BlackBerry Enterprise Mobility Server (BEMS) 2.8.17.29 and earlier could allow an attacker to retrieve arbitrary files in the context of a BEMS administrator account.