In Spam that delivers a pink slip, Computerworld presents a case study on an organization whose staff received spear phishing emails. "Last week, a handful of employees at Dekalb Medical Center in Decatur, Ga., received e-mails saying they were being laid off. The subject line read "Urgent - employment issue," and the sender listed on the message was at dekalb.org, which is the domain the medical center uses. The e-mail contained a link to a Web site that claimed to offer career-counseling information. And so a few employees, concerned about their employment status and no doubt miffed about being laid off via e-mail, clicked on the link to learn more and unwittingly downloaded a keylogger program that was lurking at the site." The article seems a little confused about the distinction between spammers and fraudsters but is basically sound. Other local hospitals were reportedly targeted so it is possible that this was in fact simply an ordinary spam, but the potential for delivery of keyloggers, rootkits and other malware is plain to see.
More malware, email and social engineering links