The number one hook in most of the targeted malicious SPAM I’m seeing lately has to do with jobs. Either fake “responses” to a resume/CV, or offers of employment. With the US official unemployment rate above 9 percent, and the actual number of unemployed closer to 1 in 5, spammers know how to get their links clicked, or viruses spread. People that may normally be cautious, are less likely to be so after an extended time out of work. That is human psychology at work.
This week’s attack targets the social networking site, LinkedIn, aimed at professionals and job seekers. According to the article in security week “cybercriminals began sending massive volumes of spam email messages targeting LinkedIn users.” The spam attempts to get the user to click on a link that goes to a website that installs malware. This is even more insidious because not only does it target people may be looking for a job, it attempts to rob them via “the most prevalent banking malware platform”.
I am seeing more and more specifically targeted attacks against organizations using links to known “trusted” websites and through mobile applications. Malware, viruses, and spam is becoming more sophisticated and professional in it’s use and deployment. It’s no longer enough for an organization to rely on just one vendor for their security needs. It’s imperative to have multiple eyes on your network, users, and systems. Firewalls need to be coupled with IDS systems from different vendors. Security appliances and software has to crawl, analyze, and examine links from the target network in real time, especially https links, and not just send them back to be analyzed later.
The latest spate of malware, spam, and virus activity is a reminder that the targets of these attacks aren’t just the uninformed, or unprotected. It is also the desperate and hopeful. People or organizations with a willingness to pray on people’s greatest hope while they are in their darkest place has a technical term – scum.