Could Instant Messaging Be a Vulnerability?
There is a new Instant Messaging worm which targets users on MySpace. There may not be a many bankers using this at work, but some may and there is still a lesson to be learned here.
In this case the AOL IM user gets the worm. Then the phishing expedition begins as they are notified someone on their Contact list has pictures for them to view. They are given a false URL which then captures their MySpace logon information.
The message here is that you could be using IM for work purposes, but have you got adequate security and procedures in place to thwart such an action that could compromise your own network integrity? Could such an attack be used to gain access to a network logon, password or be used for social engineering and the gain of other confidential corporate information?
Information Security, Technology and Training need to work together to keep your staff on point as to data security and things out of the ordinary.
In this case the AOL IM user gets the worm. Then the phishing expedition begins as they are notified someone on their Contact list has pictures for them to view. They are given a false URL which then captures their MySpace logon information.
The message here is that you could be using IM for work purposes, but have you got adequate security and procedures in place to thwart such an action that could compromise your own network integrity? Could such an attack be used to gain access to a network logon, password or be used for social engineering and the gain of other confidential corporate information?
Information Security, Technology and Training need to work together to keep your staff on point as to data security and things out of the ordinary.
posted by Andy at
7:04 AM
0 Comments:
Post a Comment
<< Home