Holiday Malware Risks
Happy Holidays! This is just a reminder that the Holidays are always a very active time for the “bad guys.” Malware writers and phishers prey on our cheery attitudes and overactive messaging habits to slip in malicious emails. There are a few popular attacks that pop up like clockwork around the holidays each year, and so you should make your users aware of these attacks.
The first attack, email postcards, is a rather old method but appears to prove successful for the malware writers as we see them every holiday season. Malicious postcard emails are rather dangerous because there are two varieties that could possibly be used. In both cases, the subject of the email will read something like, “You Have a Holiday Post Card from a Friend!” In the first case, an attachment will be included which will appear to be the postcard. The attachment is actually a malicious file which has historically been a variant of the Waledac email spamming worm. The other form of this attack will instead have a link which will forward the user to a website which may look like a postcard, but that will also automatically download some malicious code or executables.
The holidays are also a ripe time for phishing emails because everyone is shopping and watching their bank accounts, so any emails from the bank will be noticed. Users will need to be on the lookout for these messages and immediately delete these emails. Many banks have a policy of never sending or requesting important information via email, and anything important regarding accounts should be discussed over the phone or in person.
Following standard email security standards will ensure that your networks are not hit with any holiday malware. Careful inspection of all email is always recommended and any questionable emails should be forwarded to necessary channels for inspection.
Reference Links