How Smart They Think We Are...
September 2008
Companies continue to overlook evolved virus attacks. A recent security advisory from a messaging security company warned that service providers are placing e-mail users at risk by continuing to ignore sophisticated virus propagation techniques. Attackers are moving beyond traditional tactics, such as sending messages with virus executables attached or virus-infected documents, to employing hybrid attacks that combine elements of both spam and viruses. In these attacks, malware authors embed links in informative or advertising e-mails. Recipients are enticed to follow these links to a Website that hosts the malware, which could be a virus, worm, or Trojan. These advanced threats embed anti-spam and anti-virus (AV) evasion techniques with the objective of eluding both spam and traditional AV filters. Most spam filters are not capable of catching these highly mutable threats because they do not follow the recurrent, mass e-mail tactics commonly found in spam. Likewise, conventional AV solutions bypass these messages as they appear to be spam or phishing. As these attacks become the norm, operators are urged to re-examine their anti-virus strategies and ensure that their messaging security processes are capable of detecting these hybrid threats.
Companies continue to overlook evolved virus attacks. A recent security advisory from a messaging security company warned that service providers are placing e-mail users at risk by continuing to ignore sophisticated virus propagation techniques. Attackers are moving beyond traditional tactics, such as sending messages with virus executables attached or virus-infected documents, to employing hybrid attacks that combine elements of both spam and viruses. In these attacks, malware authors embed links in informative or advertising e-mails. Recipients are enticed to follow these links to a Website that hosts the malware, which could be a virus, worm, or Trojan. These advanced threats embed anti-spam and anti-virus (AV) evasion techniques with the objective of eluding both spam and traditional AV filters. Most spam filters are not capable of catching these highly mutable threats because they do not follow the recurrent, mass e-mail tactics commonly found in spam. Likewise, conventional AV solutions bypass these messages as they appear to be spam or phishing. As these attacks become the norm, operators are urged to re-examine their anti-virus strategies and ensure that their messaging security processes are capable of detecting these hybrid threats.
posted by arkietechs at 7:16 AM
0 Comments:
Post a Comment
<< Home