Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Beware of social engineering threats

Jack Loo | May 13, 2011
Microsoft security report warns of more sophisticated and targeted attacks

SINGAPORE, 13 MAY 2011-Cyber criminals are leveraging on social engineering tactics that entice employees in organisations to visit phishing sites, according to a Microsoft executive.

"We continue to see cyber criminals evolve attack methods such as a significant rise in social network phishing," said Vinny Gullotto, general manager of the Microsoft Malware Protection Center (MMPC), during the launch of Security Intelligence Report Volume 10 (SIRv10).

SIRv10 focuses on the period of July to December 2010 and gathers analysis of data from more than 600 million systems worldwide.

Attackers continue to incorporate social lures that appear to be legitimate marketing campaigns and product promotions. Six of the top 10 most prevalent malware families in the second half of 2010 fall into these categories of attack methods. Criminals using these malware families make money through tricking users with pay-per-click schemes, false advertisements, or fake security software for sale.

SIRv10 also shows that worldwide detections of adware increased 70 per cent from the 2nd quarter to the 4th quarter of 2010. A major contributor to the rise is Pornpop, which usually displays pop-up adult advertisements.

Meanwhile, Gulloto pointed out that CIOs should beware of the rise of worms, especially Vobfus, a family that spread via network and removable drives through the autorun function in the Windows operating system. One method to address this threat is to update patches, he said.



Sign up for CIO Asia eNewsletters.