Reply to post: How can a member of front line staff tell?

Emotet malware gang re-emerges with Chrome-based credit card heistware

Mike 137 Silver badge

How can a member of front line staff tell?

"The attacks we have seen hitting Japanese victims are using hijacked email threads and then using those accounts as a launch point to trick victims into enabling macros of attached malicious office documents,"

If they're essentially masquerading as trusted sources, there has to be a better way to protect than relying on the front line to decide what's legitimate and what's not without the requisite expertise or training. A lot could be done by rigorous examination at the gateway, or even better, by a specialist external proxy service (or even better still, by both). At the simplest level, an email purporting to come from an internal source shouldn't cross the boundary gateway, and that could readily be prevented by technical means.

The biggest victim-side contributor to this kind of attack succeeding is inadequate security management. Blaming the end user is most commonly just a way of avoiding recognising this massive 'elephant in the office'.
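As an added illustration that is not part of the comment above: a sketch of the boundary check it mentions, which rejects mail arriving from outside while claiming an internal sender. The domain `corp.example`, the function names and the sample messages are assumptions constructed for this example.

```python
from email import message_from_string
from email.utils import getaddresses

# Assumption: the organisation's own mail domains (placeholder value).
INTERNAL_DOMAINS = {"corp.example"}

def domain_of(addr):
    """Lower-cased domain part of an address, tolerant of stray quotes."""
    return addr.rpartition("@")[2].strip("<>\"' ").lower().rstrip(".")

def is_internal(domain):
    """True for an internal domain or any subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in INTERNAL_DOMAINS)

def gateway_verdict(raw_message, envelope_from, from_external):
    """Return (verdict, reason) for one message seen at the boundary gateway."""
    if not from_external:
        return ("accept", "submitted from inside the boundary")
    msg = message_from_string(raw_message)
    claimed = [("envelope MAIL FROM", envelope_from)]
    for header in ("From", "Sender"):
        for name, addr in getaddresses(msg.get_all(header, [])):
            claimed.append((header + " header", addr))
            # Some clients show only the display name, so check addresses in it too.
            claimed += [(header + " display name", t) for t in name.split() if "@" in t]
    for where, addr in claimed:
        if is_internal(domain_of(addr)):
            return ("reject", f"{where} claims internal sender {addr}")
    return ("accept", "no internal sender claimed")

# Constructed sample messages, not real traffic.
BODY = "To: staff@corp.example\nSubject: Re: invoice\n\nSee attached.\n"
SPOOFED = "From: IT Helpdesk <helpdesk@corp.example>\n" + BODY
DISPLAY = 'From: "ceo@corp.example" <someone@freemail.example>\n' + BODY
SUPPLIER = "From: Billing <billing@supplier.example>\n" + BODY

if __name__ == "__main__":
    cases = [
        ("spoofed header", SPOOFED, "bounce@mailer.example", True),
        ("spoofed display name", DISPLAY, "someone@freemail.example", True),
        ("spoofed envelope", SUPPLIER, "hr@mail.corp.example", True),
        ("genuine external", SUPPLIER, "billing@supplier.example", True),
        ("genuine internal", SPOOFED, "helpdesk@corp.example", False),
    ]
    for label, raw, env, ext in cases:
        print(f"{label:22} -> {gateway_verdict(raw, env, ext)}")
```

Third-party services that legitimately send as the internal domain would need an explicit allow-list, and a message sent from a genuinely hijacked external account passes this check, since it claims no internal sender.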
