Following the Christmas and New Year holidays, E-Card spam has come back. The trick claims that the link inside is a holiday e-card to dupe users into clicking it. Actually, it would connect to a malware site and download worms. Users’ computers would be compromised. Though e-card spam is hardly new, but it still injures some networks. Cellopoint Labs indicates that the spammers are trying to use a redirection and DNS technique to hide its real IP addresses. It’s different from peer-to-peer downloading, spammers employ open-source package to pack malware into auto-executable file to escape from anti-virus detection. Waledac, the worm, collects email addresses and bank information from infected computers then send out more spam. The tactics bring social engineering into full play. They are trying to raise large attacks.
Cellopoint Labs said that is not easy and without the strong hand to ask end users to check links before they click on and do not open unknown emails and attachments. The possible way is to quarantine suspected email for verifying before going to users’ mailboxes. Cellopoint Security Gateway has a build-in Policy Engine to assist IT administrators to set up executable files filter rules and related process actions. When it meets the criteria, Policy Engine will cope with email based on pre-defined actions. You can quarantine it or send it to wait-for-confirmed area. It can reduce the risk of accidental clicking on worm links.
On top of that, businesses should ensure their anti-virus and anti-spam solutions all up to date. The common reason for infection is that users did not update the system patches. Cellopoint provides automatic update for anti-spam database. Cellopoint Security Gateway checks update from Cellopoint Global Anti-spam Center every five minutes. Also you can customize the timeframe to your business need. Through Cellopoint 24*7*365 real time monitoring and database update, we convince our users for a safety network environment.
