We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Beware the anonymous email message

Don't respond, contact IT

Luckily for Lyndon Brown, employees at US hotel company Wyndham International are well-trained. They know that email from the IT department always comes from the vice president of customer service in IT. So when some employees got a message from [email protected] that said IT would delete their email accounts if they didn't respond with their passwords, they didn't bite. Instead, two employees forwarded the message to Brown, Wyndham's manager of strategic support systems.

The employees' suspicions were well-founded. The message was not from IT, but had slipped through the company's email gateway from the outside because a spoofed "from" address made it look like an internal message.

No harm came of the message because no one responded to it. In fact, no one could have, since the return address was invalid. But the incident gave Brown pause. Had the return address been usable and employees less cautious, it could have been disastrous. "If a user had put in his name and password, he would have been giving access to the network away," he says.

Any company with corporate data worth safeguarding should be concerned about phishers who might pose as an internal department to trick employees into giving up passwords to corporate systems.

"Every company is vulnerable to internal phishing," says Matt Cain, senior vice president of Meta Group. "It's a matter of how strong your spam defenses are."

If they're not strong, watch out. Cain knows of one phisher who launched an attack against a company, systematically emailing thousands of possible addresses in the company's domain to see which ones were valid.

A week later, the phisher launched a second attack, culled the new addresses from the second week's list and sent that group a message purporting to be from IT. The message asked users to verify their passwords. Several new employees didn't know any better and complied. Although Cain doesn't know whether the phisher actually got at corporate data, IT nevertheless had to mop up.

At Wyndham, after IT got spoofed three times in eight months, Brown decided to shore up his spam defences by implementing MailFrontier's antifraud feature, which tells users when messages have been quarantined because they look fraudulent.

He's also trying to raise employees' awareness of what should and shouldn't arrive in email, and is considering developing an online tutorial on email dos and don'ts. In addition to investing in technology, Brown also appeals to a higher power. "I say a prayer every now and then," he says.

IDG UK Sites

Apple promises developers better stability, performance for Swift

IDG UK Sites

5 things we hate about MWC: What it's like to be a journalist at a technology trade show

IDG UK Sites

Interview: Lauren Currie aims to help design students bridge skills gap

IDG UK Sites

12in Retina MacBook Air release date rumours: new MacBook Air to have fingerprint ID, could launch...