Story image

Spam the scammers

01 Oct 10

Protection of company data and productivity are two major issues facing businesses today. Technology is evolving at an increasing rate and the rise of blended threats, together with the popularity of social networking, means security professionals face a tougher challenge than ever.
Currently, more than 88% of all email sent is either unwanted spam or malicious email, such as blended email attacks. Blended attacks use more than one avenue to break through the security gateways of ERP software systems to deliver malware viruses. Accounting for more than 176 billion messages per day, you can understand that this has become a serious and growing issue.
The latest type of blended threat to emerge is one that uses a powerful combination of email and web to deliver its payload and infect a user’s computer. The attacker sends an email message with an embedded URL link. The intrigued user then clicks on the URL link, which either prompts an immediate malware download, or redirects the user to a web page, where they are invited to download and subsequently install a crucial ‘update’, which inevitably turns out to be malware.
Web 2.0 is commonly associated with websites or web applications that facilitate interactive information sharing and collaboration online. A Web 2.0 site gives its users the ability to interact or collaborate with each other in a social media dialogue, as creators of user-generated content in a virtual community. This is in contrast to typical websites where users are limited to the passive viewing of static content that was created for them. As more and more activity, both personal and commercial, is carried out over the web, it has become a prime target for criminals.
The real problem posed by Web 2.0 is that it can lead to a false sense of security, because users assume that legitimate and reputable websites are safe. Many cyber criminals use Web 2.0 websites and this sense of legitimacy to enhance the success of their attacks or ‘requests for personal information’.
What can be done?
Organisations need to ensure they effectively manage all content passing through their system, to protect their public profi le and to safeguard the business’ bottom line. Due to the increased number and complexity of security threats, a single-solution approach is no longer feasible. Today, up to 90% of malicious code on the web resides on infected, yet legitimate websites and is typically obfuscated to evade traditional security solutions.
A Secure Web Gateway (SWG) provides the layered security required to keep hackers at bay. By using active, real-time code analysis technologies, malicious code embedded within web content (regardless of the URL source or reputation) can be identifi ed and malware blocked before it can reach end users.
The reseller’s role in threat management
End users may not need to constantly change their IT security or defence mechanisms, however resellers play an important role in reminding businesses to constantly evaluate the risks to their IT systems and ensure they are not lagging behind.
One of the areas that we regularly see as an issue for endusers is in understanding when to change or add products in their security protection mechanisms. Educating businesses about available vendor solutions to match specifi c infrastructure, risk profi les and future needs is one key area where resellers can best assist businesses.

Microsoft NZ bids Goldie a “fond farewell”
Microsoft New Zealand director of commercial and partner business takes new role across the Tasman. The search for his replacement has begun.
One Identity a Visionary in Magic Quad for PAM
One Identity was recognised in the Gartner Magic Quadrant for Privileged Access Management for completeness of vision and ability to execute.
Accenture 'largest Oracle Cloud integrator in A/NZ'
Accenture has bought out Oracle Software-as-a-Service provider PrimeQ, which now makes Accenture the largest Oracle Cloud systems integrator in Australia and New Zealand.
Telesmart to deliver Cloud Calling for Microsoft Teams
The integration will allow Telesmart’s Cloud Calling for Microsoft Teams to natively enable external voice connectivity from within Teams collaborative workflow environment.
How to keep network infrastructure secure and available
Two OVH executives have weighed in on how network infrastructure and the challenges in that space will be evolving in the coming year.
White box losing out to brands in 100 GE switching market
H3C, Cisco and Huawei have all gained share in the growing competition in the data centre switching market.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.