I just read the report about the Sony breach and that the compromise came from an email message to a Sony executive that looked like a genuine message from a familiar contact. It was not and it had an executable link that drop the malware on that person’s PC. Once in at that level, they searched for the IT director’s PC. This person would have access to everything on the network. We saw this same exact action occur in a large professional firm locally.
NEVER click on any link or attachment unless you are 100% certain that you should have received it. Call the party in the message if you are not sure. Some of the scams we are seeing right now are:
- Best Buy message regarding the product you bought
- UPS schedule link
- Utility enquiry
Trust no one and review this information with everyone on your network. Size does not matter to these people. They are after information or money or both. Spam filters and antivirus software work just so well. You must always be vigilant and if in doubt TRASH IT!!!
Jim Mahlmann