Phishing emerges as security threat
By Ashley Curtis
10/05/2011
Suspect emails containing harmful malware links are becoming increasingly prevalent in organisations, MarkDalby.com has reported.
'Phishing' emails are hurting more and more organisations it said, as they dupe the reader into opening an apparently legitimate file.
According to Anup Ghosh, a security expert, phishing emails are now the preferred method for breaking and entering digitally.
He told Computer World: "You only need a very low click-through rate to establish several points of presence inside an organisation. If you have 1,000 employees in your organisation and you train them all on not opening untrusted attachments, you'll still have someone doing it."
"This is not a problem you can train yourself out of."
Firms like the Oak Ridge National Laboratory and EMC's RSA security division have been breached due to phishing, a type of attack previous described as "low-tech."
The breaches highlight the importance of installing security measures like systems management software so harmful emails can be targeted and eliminated before they are opened.
Last month, Oak Ridge lab disclosed details of its phishing attack; claiming that a harmful email was sent to around 570 employees. The email was disguised to look like a memo about benefits changes written by the lab's HR department.
However, when a handful of employees clicked on the embedded link in the email, malware was downloaded to the computers.
