The latest brand spoof, found by the company May 12, has targeted U.S. Bank and is one of the more advanced examples of the scam the company's researchers have seen.
SurfControl suggests that companies undertake the following steps to defend against such scams:
- Advise end-users not to volunteer confidential information in response to an unsolicited e-mail. If they believe the message may be legitimate, they should contact the organization directly.
- Inform users never to follow any link in an unsolicited or suspicious e-mail. Such a visit may bring back viruses, Trojan horses and more threats that could enable spammers to control computers remotely.
- Update anti-virus and operating system software to have the most recent security updates.
- Monitor internet and spam security information resources to remain up-to-date with the latest spam and Internet security threats.