REGISTER

email 14 48

Article Index

By Mel Duvall, Chief Content Officer at CIOZone

Nov 1 2009 - Forget about vampires, ghouls and zombies. You were much more likely to receive a fright this year from something lurking in your e-mail.

Just in time for Halloween, security software vendor Proofpoint has come up with a list of the Top 10 Terrifying E-mail Blunders of 2009.

There were the usual crop of Trojan horses and phishing expeditions, but as the surprising list points out, some of the scares go all the way up to White House and the FBI.

In no particular order, here are the top 10 according to Proofpoint.

Trojan Horse Empties Bank Accounts

In September, it was reported that a banking Trojan horse, dubbed URLZone, had thwarted fraud detection systems, to enable software to actually steal money while users are logged in to their accounts and display a fake balance.

Victims' computers were infected either by clicking on a malicious link in an e-mail or visiting a Web site that had been compromised with hidden malware.

FBI Forgery

The wife of FBI director Robert Mueller banned him from online banking after he nearly fell for a phishing scam.

Mueller received a seemingly legitimate e-mail from what he thought was his bank, which prompted him to verify some information.

He went as far as filling out some of his personal information before realizing it was a scam. Mueller half-joked to the Commonwealth Club of California that his wife banned him from Internet banking.

White House Adopts Spammer Tactics

In August, the White House e-mailed thousands of messages to Americans detailing its stance on the contentious issue of healthcare reform from an e-mail account created to gather and dispel rumors, but some recipients claimed the messages were unsolicited.

The White House acknowledged the unsolicited e-mail and blamed third-party groups for the mass mailing, but the damage was done.


Hotmail Phishing

More than 10,000 Hotmail accounts were compromised in October and passwords were posted on several Web sites where developers typically share programming code.

Startup Suicide

In September, social media advertising and applications startup RockYou sent out a mass e-mail to their customers and associates announcing their new site redesign, but mistakenly displayed the entire mailing list of over 200 email addresses in the "CC" field.

Not surprisingly, many of those addresses ended up on a spammer's list.

Judge Orders Gmail Account Deactivated

In August, Wyoming-based Rocky Mountain Bank accidentally sent names, addresses, Social Security numbers and loan information of more than 1,300 customers to a Gmail address.

When the bank realized the problem, it sent a message to that same address asking the recipient to contact the bank and destroy the file without opening it.

After getting no response, the bank contacted Google and eventually went to court, getting an order to have the account deactivated.

Payroll Panic

Payroll processor PayChoice was the victim of a Web site breach in which customers received targeted e-mails purporting to be from the company, but were designed to trick people into downloading malware.

U.K. Tax Terror

Britain's tax authority, HM Revenue & Customs, issued a warning about a rash of scam e-mails that used convincing (but fake) government e-mail addresses in an attempt to lure recipients into divulging their personal information to receive a tax refund.

The scam messages claimed that recipients were entitled to a tax refund and asked for bank or credit card details, so that the fictitious refund could be paid out.

Death, Taxes and Phish

In September, a fake e-mail notice that purported to come from the Internal Revenue Service made the rounds.

The bogus message, containing a subject line of "Notice of Underreported Income," contained a link or an attachment that, if opened, infected users with the Zbot/Zeus Trojan, a nasty credentials-stealing program.

University Fake-Out

In March, University of California San Diego sent out an acceptance congratulation letter to 46,000 students.

Unfortunately, the e-mail was sent out in error to all 46,000 students who applied to attend the school, and only 18,000 had actually been accepted.

The university soon realized its error and had to send out a very humble apology.

Article Source

MetricStream TPRM

CyberBanner

CyberBanner

CyberBanner

CyberBanner

CyberBanner

Log in

Please Login to download this file

Username *
Password *
Remember Me

CyberBanner

CyberBanner

CyberBanner

CyberBanner

CyberBanner

CyberBanner

CyberBanner

CyberBanner

CyberBanner

MetricStream TPRM

CyberBanner

CyberBanner

Go to top