Socially-engineered hackers 'pose security threat'

2009-11-09

Companies seeking to avoid a data breach may be concerned about socially-engineered hackers, who look to encourage users to download viruses unwittingly.

Blogging for Sophos, security expert Graham Cluley pointed to these kinds of exploits, which involve a fake message from a lover, asking for photos and email addresses of the targeted user.

Those users that reply receive a .zip file back, supposedly featuring images of the woman, he explained.

It will in fact contain a virus which will enter the user's computer on downloading, Mr Cluley noted.

Mark Fullbrook, director for the UK and Ireland at Cyber-Ark software, has recommended that users should have a "vault" system in place.

This will allow users to "have a very secure repository of information, while still having a general area, so if there is a breach it is within the lower-level data, not the higher-level".

WatchGuard Technologies recently reported that, according to the US Department of Homeland Security, 25 per cent of all cyber-security breaches involve schools.

Read more security news.