Many in the security industry say those launching SoBig-family virus attacks, possibly including Bagle.A, are organized criminals who plan more severe and sophisticated attacks. SoBig and Bagle.A can log users' keystrokes as a way to steal passwords and other private data, and the viruses are also programmed to set up proxies on contaminated machines in order to send spam. The worms' characteristics, say experts and law enforcement, show that they are being used for identity theft and financial fraud on a large scale. Those responsible for the worms, say some in the security industry, are using data retrieved from contaminated machines to enable bank and credit card fraud, possibly in tiny increments, against thousands of victims. They can also use the proxies installed by the worms to send out huge amounts of spam that fraudulently claims to come from PayPal, eBay, and several banks. The messages ask for passwords and account numbers and are being generated by the same proxies. To deal with the new challenges arising from the worms, administrators are advised to block executable files at the mail gateway and to tell users to confirm any unexpected attachments, even those from people they know. Administrators can also look for sudden increases in traffic on unusual ports or for client machines sending large amounts of mail messages.
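The two network checks in the last sentence can be run over outbound connection logs. The following is an added example, not code from the original article: the log format, addresses, relay list, port baseline and thresholds are all assumptions chosen for illustration, and the sample records are constructed.

```python
from collections import Counter, defaultdict

MAIL_RELAYS = {"10.0.0.25"}         # assumed: the only host expected to send SMTP
EXPECTED_PORTS = {25, 53, 80, 443}  # assumed site baseline of outbound ports
WINDOW = 60                         # seconds per counting bucket

def build_sample():
    """Constructed flow records: 'epoch_seconds src_ip dst_ip dst_port'."""
    rows = [f"{1200 + i} 10.0.0.25 198.51.100.{i % 20 + 1} 25" for i in range(40)]  # relay
    rows += [f"{1200 + 2 * i} 10.0.1.77 203.0.113.{i + 1} 25" for i in range(30)]   # client mass-mailing
    rows += [f"{1200 + 5 * i} 10.0.1.12 192.0.2.10 443" for i in range(10)]         # ordinary browsing
    rows.append("1210 10.0.1.12 198.51.100.5 25")                                   # one stray SMTP connection
    rows += [f"{1200 + i} 10.0.1.77 192.0.2.200 40123" for i in range(15)]          # burst on an odd port
    return rows

def parse(line):
    ts, src, dst, port = line.split()
    return int(ts), src, dst, int(port)

def smtp_senders(lines, max_dests=10):
    """Non-relay hosts that contact more than max_dests distinct SMTP servers in one window."""
    dests = defaultdict(set)  # (src, window index) -> distinct destination servers
    for ts, src, dst, port in map(parse, lines):
        if port == 25 and src not in MAIL_RELAYS:
            dests[(src, ts // WINDOW)].add(dst)
    return sorted({src for (src, _), seen in dests.items() if len(seen) > max_dests})

def unusual_port_spikes(lines, min_conns=10):
    """(host, port) pairs with at least min_conns connections per window to a port outside the baseline."""
    counts = Counter()
    for ts, src, _dst, port in map(parse, lines):
        if port not in EXPECTED_PORTS:
            counts[(src, port, ts // WINDOW)] += 1
    return sorted({(src, port) for (src, port, _), n in counts.items() if n >= min_conns})

if __name__ == "__main__":
    sample = build_sample()
    print("clients sending bulk mail:", smtp_senders(sample))
    print("unusual port bursts:", unusual_port_spikes(sample))
```

Counting distinct destination servers rather than raw connections keeps a client that repeatedly talks to one mail server from being flagged, while the designated relay is excluded outright.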