Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    Advanced persistent threats and targeted attacks often use socially engineered email as their point of entry into a target network.* Considering the volume of email traffic that an average business user sends (41) and receives (100) in a single working day and the relative ease by which social engineered emails are crafted and sent, enterprises need to reexamine how they secure this aspect of business communication.

    Different social engineering techniques have been used in past targeted attacks. For instance:

    • Attackers send these email via popular webmail accounts
    • Attackers send these from previously compromised email accounts
    • Attackers use spoofed email addresses that mimic departments or figures of authority

    These email often carry exploit attachments that leverage vulnerabilities in popular software in order to compromise the victim’s computer. Upon compromise, the rest of the APT campaign folds out into the network.

    Enterprises and especially the security groups that defend the network need to become more aware how simplistic it is for attackers to take advantage of email, seeing as email is the most common form of business communication. TrendLabs developed the primer Are Your Business Communications Secure? and the infographic Covert Arrivals: Targeted Attacks Via Employee Boxes, both of which tackle the dangers of email when it comes to advanced persistent threat campaigns. Click on the thumbnails below to download the materials:

    Developing and utilizing external and local threat intelligence is a key enabler in any APT defense strategy. The Threat Intelligence Resources page is a reliable source of the latest in research and analysis on advanced persistent threats for IT, system and network administrators: the enterprise’s network defenders. Visit this page as it will be updated with new content to keep you posted on the latest developments in targeted attacks.

    * This is not to say all APTs arrive via email, as there is definitely a wide range of entry points available to threat actors.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice