Qantas email scam plays on human vulnerabilities: IDC
- 11 December, 2012 13:54
A Qantas email scam, which contains malware, shows that humans are still the “most vulnerable vector” for cyber criminals to target, according to a security analyst.
Qantas has issued a warning about the seat selection fee receipts scam emails. According to the airline, the emails can easily be spotted as fakes because they include inaccurate amounts paid for selection and include an attachment which is understood to contain malware.
“Recipients of the email are being advised not to click the links or download the attached files. We also recommend that recipients run up-to-date security software on their PC and regular virus scans to help protect against security threats,” a Qantas spokesperson said in a statement.
The Qantas spokesperson added that its subsidiary Jetstar warned customers about scam emails featuring fake itineraries which came to the airline’s attention during the first week of December.
IDC Australia senior market analyst Vern Hue said that email scams are still “very prevalent” as they are profitable for scammers preying on unsuspecting victims.
“I believe that the human is the most vulnerable vector that cyber criminals target,” he said.
“Although the security solutions available in the market can detect a large amount of malicious content, the truth is that some of them will manage to evade detection.”
According to Hue, it is then up to the person who receives the email to make the right judgement on the authenticity of it and take the right security measures.
“From a business angle, proactive steps, such as engaging in external threat monitoring and cyber intelligence is a useful tool that proactively seeks out threats against organisations, and in this case, cyber fraud.”
However, he pointed out that the vast majority of cyber fraud threats target end-users and urged organisations to step up their investments in security awareness and education programs.
“This has to be treated not from a user policy perspective, but done in a very practical level to ensure the users know that their actions can make a difference,” Hue said.
Aside from ensuring that anti-virus, anti-malware and anti-spyware products are kept up-to-date, he said that end users should patch applications and the operating system they are running.
“Some other measures like using different security providers can help deter these attacks,” Hue said.
“The key here is to have a layered approach in safeguarding your IT environment.”
Follow Hamish Barwick on Twitter: @HamishBarwick
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Why IT projects really fail
Queensland government to provide 200 services online by 2015
Call Centers Suffer From Big Data Overload
CIO 100: Carsales wins top gong for innovation
How to secure passwords and other critical numbers
Is your data centre growing too complex for your backup?
Backing up data today is growing more complex - and in an era of virtualisation, big data and cloud deployments, it can be difficult to maintain control over your data, resulting in loss and downtime. This hour-long webcast features expert commentary on navigating the complexity of backing up a heavily virtualised infrastructure; simplifying your backup software and hardware ecosystem; reducing the cost of backing up your organisation’s data, and modernising your backup infrastructure with integration. The presentations will conclude with an interactive Q&A session.
Deploying Flash in the Enterprise: Cost Comparison
Flash is quickly emerging as the preferred way to overcome performance limitations of hard disk drives, especially when your capacity requirements are relatively small and you require high performance. In this price comparison, we compare each solution's performance and capacity to address different storage challenges. Click here to download!
Multi-Factor Authentication; Current Usage and Trends
In this digital age, validating identities and controlling access is vital, which is why multifactor authentication has become such a fundamental requirement in so many organisations. This survey looks at the authentication landscape in Europe, the Middle East, and Africa, and offers insights into how it is expected to change in the coming years.