Viruses + Social Engineering = 2003: Page 2
When the IT department — and specifically, the Mail Admin — was asked to do something about it, the reply was "that all users have anti-virus, shouldn't double-click on attachments and should set up filters using Outlook so they wouldn't have to see the e-mails come in".
This is a poor way of dealing with this issue. Users are not computer experts. Administrators and tech support staff are. Users have been trained to perform their jobs and to generally believe, for the most part, that whatever hails from the Internet is a valid form of communication and thusly must be true.
The expectation that users should inherently be able to protect themselves do this is an incorrect one and one that I believe will continue to result in the continued spread of viruses. Rather than being reactive, perhaps it might be worthwhile for administrators to be proactive.
There are, unfortunately, still things that get through. Swen introduced an element of social engineering that hadn't been seen in viruses before. By pretending to be a legitimate company, the virus writer gave users a reason to want to click on the attachment. Social engineering has subsequently seen an increase in its use for spam messages.
What is worse is that there are many messages that get users to respond by putting in personal information like credit card information, phone, address, SSN, SIN, etc. or, in a recent example, cause users to flood the victim company with complaint phone calls. While users aren't expected to be that technically inclined, it is still worthwhile to educate them on the dangers of the Internet and that not everything that resides there is safe.
Some tricks to help admins and users deal with spam and viruses:
- Avoid using Outlook if possible. Many viruses are dependent on the integration that is offered by Outlook and Microsoft OS platforms
- Turn off the ability to view emails in a preview pane. Although it takes a few extra seconds to double-click and open an email, it does avoid some problems that are often found with anti-virus checking and preview pane options
- Turn off HTML email (receipt and sending of). HTML emails hide some of the social engineering techniques used spammers and virus authors (last time I checked, Microsoft.com was headquartered in the US, not Russia).
- Be vigilant. The Internet is home to many truths, but as 2003 has shown, it's a breeding ground for lies. Users should take everything that's deposited into their inboxes with a grain of salt.