A warning which is currently circulating in security circles concerns a Spear Phishing attack masquerading as a company virus warning. The object is to trick users into installing malware on their computers which would compromise their security.
Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Named after Fishing, (baiting a hook) the message could claim to be from a bank, online payment processor or a social media site.
Spear Phishing (sometimes written as Spearphishing) is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. This is usually by impersonating a company employee via e-mail to steal usernames and passwords from colleagues and gain access to the company systems. Spear phishing is commonly used to refer to any targeted email attack, not just limited to phishing.
The particular attack which is currently circulating attempts to trick users into believing they are downloading an approved anti-virus update from the company’s IT department, to combat a new kind of virus. However, if they do succumb to temptation, they will install a Trojan horse. According to the Sophos Naked Security blog post, Sophos anti-virus products detect the malware as Mal/Generic-L and Troj/Inject-QL.
If you ever receive an odd email recommending that you click on a link to install something, check with your IT department to see if the instruction is genuine. They would much rather you checked than put the network at risk from malware infection.
For more details of the Spear Phishing Attack Warning, including a sample email message, click here to view the Sophos Sneaky fake company virus warning