Baitware gets better - we should all be vigilant

Abrahams Accessibility Peter Abrahams 7th February - Android: Ice Cream Sandwich Accessibliity

The Norfolk Punt David Norfolk 7th February - BCS CMSG Conference 2012

MWD Advisors Neil Ward-Dutton 3rd February - Developing process applications: a place for everything, and everything in its place

Fern Halper Dr Fern Halper 31st January - Four Vendor Views on Big Data and Big Data Analytics: IBM

Bloor Security Blog Fran Howarth 30th January - Getting ahead in the cloud

Bloor IM Blog Philip Howard 25th January - Cassandra and Hadoop

Blogs > Nigel Stanley

By: Nigel Stanley, Practice Leader - IT Security, Bloor Research
Published: 7th July 2009
Copyright Bloor Research © 2009

I am always rattling on about good end user education when it comes to IT security. Let's face it, with a well educated, aware and on the ball work force your chances of them introducing malware through social engineering or phishing attempts should be reduced.

The problem is that the quality of "baitware"—that is emailed documents that contain malware—is improving. F-Secure have an interesting selection of baitware on their site (http://www.f-secure.com/weblog/archives/00001715.html). The quality of the written prose is a lot better than usual and the business speak quite convincing. Most of these would be convincing to a lot of users, except the last example of a prize winning notification.

This just goes to show that we all need to be switched onto this threat and the days of sniggering at poorly written scam emails maybe drawing to a close.

Reader Comments

We automatically stop accepting comments 180 days after a post is published. If you would like to know more about this subject, please contact us and we'll try to help.