According to web and email filtering company SurfControl, some of the latest spoofs enlist Javascript code to overlay fake address bars in email recipients' Web browsers that take them to fraudulent Web sites. This often results in victims becoming much more inclined to offer up personal information, like passwords or account details, to spammers.
The latest brand spoof, found by the company May 12, has targeted U.S. Bank and is one of the more advanced examples of the scam the company's researchers have seen.
SurfControl suggests that companies undertake the following steps to defend against such scams:
- Advise end-users not to volunteer confidential information in response to an unsolicited e-mail. If they believe the message may be legitimate, they should contact the organization directly.
- Inform users never to follow any link in an unsolicited or suspicious e-mail. Such a visit may bring back viruses, Trojan horses and more threats that could enable spammers to control computers remotely.
- Update anti-virus and operating system software to have the most recent security updates.
- Monitor internet and spam security information resources to remain up-to-date with the latest spam and Internet security threats.
.png&h=140&w=231&c=1&s=0){kind=logo}
_(28).jpg&h=140&w=231&c=1&s=0)
_(23).jpg&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
