Partner Perspectives  Connecting marketers to our tech communities.
SPONSORED BY
5/9/2017
11:00 AM
Malwarebytes Labs
Malwarebytes Labs
Partner Perspectives
50%
50%

Malspam Causing Havoc for Mac & Windows

Spam is a multi-platform, multi-vector approach to network compromise, and organizations need to weigh up the risks on all fronts to be able to combat it successfully.

Spam campaigns continue to be a major problem for businesses across the globe, serving up a mixture of malware, phishing, identity theft, and more. With scammers spiking activity in February after what appeared to be a bit of an extended holiday, malware spam (Malspam) attacks have returned in full force. Fax notifications, scanned images, resumes, and traffic tickets have all been successfully used as bait, often using password-protected documents and zipfiles attempting to defeat automated analysis.

Even as business shores up the technical side of things, Malspam authors hope to exploit the supposed weak link in the security chain – the non-security trained employee. A disaster of this nature poses a major risk both in public and behind the scenes. The two primary targets we see are finance and social media, and scammers hope to see a lethal combination of low/no security, and poor staff training in order to pull off a successful attack.

The soft HR/Finance Underbelly
If an unwary employee in HR or finance receives a "late payment" or tax invoice missive, there is a good chance they won't stop and think before opening the infected file (usually via the password pasted into the email itself - another evasion tactic). If this happens on a network with no suitable protection in place, that organization is looking at downtime, data theft, and even a dose of ransomware for their troubles.

From banking Trojans and clickfraud to "pump and dump" stock campaigns, the playing field for these attacks is a large one and it's essential that a layered defense goes hand in hand with regular, thoughtful training sessions for those guarding the financial keys to the kingdom.

Financial Lockdown
Give your HR and finance teams an insight into the world of fake tax invoices. Let your CFO know about the ever-present threat from CFO fraud spam, along with ways to spot a fake. If you don't have a "two factor" method for authenticating wire transfers, do it now, or risk losing hundreds of thousands of dollars, or even (in the worst examples) millions to a CFO scammer. Just one incident could not only cause endless column inches about how badly your company got it wrong, but conceivably put you out of business.

Even your social media accounts aren't free from spam worries; we often see fake accounts pretending to be real companies that insert themselves into customer support conversations on Twitter in an effort to send victims to phishing or malware pages. Typically, they do this when the official Twitter support account isn't being used, so by the time the staff log in the next day it's too late.

Companies may wish to divide social media duties between different time zones to combat this, and also backtrack on conversations to ensure scammers haven't worked themselves into the debate. If it's possible to verify the identity of your account on a particular service, this will definitely help to prove your credentials. It's essential to explain to the people responsible for these social media accounts what dangers lurk, or else they can't effectively safeguard the interests of your customers on a daily basis.

Spam is a multi-platform, multi-vector approach to network compromise, and we need to weigh up the risks on all fronts to be able to combat it successfully. Whether finance or front line social media support, the time is now to take action and shore up those defenses.

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
Malwarebytes protects businesses against malicious threats that escape detection by traditional antivirus solutions. Malwarebytes Anti-Malware, the companys flagship product, has a highly advanced heuristic detection engine that has removed more than five billion malicious threats from computers worldwide. SMBs and enterprise businesses worldwide trust Malwarebytes to protect their data. Founded in 2008, the company is headquartered in California with offices in Europe, and a global team of researchers and experts. For more information, please visit us at www.malwarebytes.com/business.
Featured Writers
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11232
PUBLISHED: 2018-05-18
The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.
CVE-2017-15855
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in u...
CVE-2018-3567
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.
CVE-2018-3568
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
CVE-2018-5827
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.