By Cara Garretson, NetworkWorld.com, 11/01/06
Last week, a handful of employees at Dekalb Medical Center in Decatur, Ga., received e-mails saying they were being laid off. The subject line read “Urgent – employment issue,” and the sender listed on the message was at dekalb.org, which is the domain the medical center uses. The e-mail contained a link to a Web site that claimed to offer career-counseling information.
And so a few employees, concerned about their employment status and no doubt miffed about being laid off via e-mail, clicked on the link to learn more and unwittingly downloaded a keylogger program that was lurking at the site.
Score another one for spammers.
Called targeted spam or spear phishing, this type of spam that’s currently on the rise is particularly vexing because the spammer is able to “spoof” the sending e-mail address to make it look like it’s coming from within the organization of the recipient, making it difficult for spam filters to catch. And, unlike traditional spam that is sent in the thousands, spammers are sending just handfuls of these messages at a time, again making it difficult for antispam technology to detect.
“We blocked a ton of spam at our e-mail gateway because the [sender] addresses are not valid, but these were,” says Sharon Finney, information security administrator at Dekalb Medical Center that has 3,500 employees.
The IT department at the medical center found out about the scam when an employee in the HR department, who had received a frantic call from one of the scam’s recipients, called the company’s CIO. The first thing the IT department did was to set its Web filtering software to block all users from visiting the site linked to in the spam, says Finney.
The rest of the story can be found HERE