We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Home PC insecurities used as ammo in office attacks

Get set for three times as many phishing emails

You’re going to be assaulted by just as much spam in 2005 as you were last year – and as much as three times more of it will be in the form of phishing emails.

Email filtering company Postini analysed the 95bn emails it processed last year and, in its Annual Threat Report, published today, warns that phishing is only going to get worse. Worryingly, insecure home PCs may be helping spammers target us more effectively.

Although many of us are already on the alert for scam emails, it seems we’re not doing all we can to prevent these malicious messages from arriving in our inboxes in the first place. Yet logic dictates that if you don’t receive the spam messages, you can’t be fooled into following their links and be diddled out of your savings.

What’s more, ‘blended’ threats that combine spam messages with Trojan applicationss that sneak in and secretly install themselves are becoming more prevalent. Antivirus and anti-spyware programs can be used to detect these, but the concern is that huge numbers of our home PCs are already infected. Postini claims more than a million PCs in the US are being used – without their owners’ knowledge – as zombie machines.

Once installed the Trojans can be remotely controlled – along with other zombie PCs that have been similarly compromised – and their combined power used to target office email servers and retrieve staff and business partners’ email addresses.

Usually, spammers have to send out hundreds of emails and blithely hope some of them are active accounts. DHA (directory harvesting attacks), however, provide spammers with email addresses they can be sure exist while bounce backs generated by mail servers not only clog up the bandwidth needed to deliver legitimate traffic but also help spammers refine their target lists for future attacks on other companies’ networks.

Postini spokesman Scott Petry believes DHAs were the least visible and most underreported threat of 2004.

Small businesses, in particular, receive vast amounts of spam, probably because spammers assume their security provision will be less robust and because small companies have to do more in the way of self-promotion to compete with larger rivals and are more likely to list staff contact details on websites and elsewhere.

IDG UK Sites

Apple promises developers better stability, performance for Swift

IDG UK Sites

5 things we hate about MWC: What it's like to be a journalist at a technology trade show

IDG UK Sites

Interview: Lauren Currie aims to help design students bridge skills gap

IDG UK Sites

12in Retina MacBook Air release date rumours: new MacBook Air to have fingerprint ID, could launch...