1 minute
By Barb Kachelski, CAE
Monday during Steve Williams' "Best Practices in CU Technology" session at CEO Network, he said one of the questions no one can answer about the future is will the scales tip away from hackers, spammers, spoofers, etc. back to highly secure computing. Right now, he said, we are losing the battle, with our technology folks redirecting time they once spent on projects, reporting and other useful work to protecting our data and recovering from virus attacks.
As if I needed further proof of this, one day later all CUES staff received this e-mail from CUES Network Administrator Mary Wood:
I have to warn you about the latest wonder cootie: an e-mail message that all you have to do is LOOK at and it sets up information traps to steal your online financial IDs and passwords.
According to an article in Information Week, "Opening the wrong e-mail may soon be enough to empty your bank account. In an effort to woo security-conscious computer users, "phishers" have come up with a new technique to harvest online banking details without requiring users to click on a Web link and enter personal information on a submission form.
This new form of attack, directed specifically at users of online banking, runs a script when a phishing e-mail message is opened, according to e-mail and virus security company MessageLabs Ltd. The script tries to rewrite the host files on the machine of the recipient. On subsequent attempts to access online banking services, victims will unknowingly be redirected to a fraudulent Web site designed to capture their log-in details."
Protect yourself by reading up on Windows Scripting Host.
Doesn't that sound like fun?
Barb Kachelski, CAE, CUES SVP/CIO