Eugen Tarnow January 31 2012 03:19:05 PMIn last week's Wall Street Journal a feud between two brothers caused one of the brothers to pay a few hundred dollars to a Chinese hacking group IHG to break into the other brother's email.
IHG "requested the target person's email address, the names of friends or colleagues, and examples of topics that interest them. The hackers would then send an email to the target that sounded as if it came from an acquaintance, but which actually installed malicious software on the target's computer."
Since targeted hacking is so cheap it is an overwhelming threat that uses email systems for delivery. Lotus Notes has apparently never been targeted with a system specific virus (for example, opening an email message in Outlook can cause a virus to be installed - another reason for security conscious companies to choose Lotus Notes!). Nevertheless the emails that are delivered may contain viruses that log key strokes. The hacker attachments can get by the anti-virus software because they tweak the virus so that it passes through all common anti-virus software.
I am not sure what a Lotus Notes administrator can do about this. One way may be to track who is getting unusual attachments with ReduceMail Pro Audit and have automatic emails delivered telling the users to be cautious about opening their attachments and why.
- Comments