Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Customer Data / Spammers Prey on Cheat Site Users
Ashley Madison Breach Spawns Malicious Spammers
Ashley Madison Breach Spawns Malicious Spammers
By Jennifer LeClaire / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
AUGUST
27
2015
It didn’t take long for spammers to tap into the fear associated with the Ashley Madison breach -- a breach some security researchers argue could have been prevented. AppRiver, an e-mail and Web security firm, is reporting spammers are leveraging the data leak for nefarious purposes.

Indeed, the ripple effect from the Ashley Madison hack, which leaked the names of 37 million customers, continues rippling even beyond those who were cheating on their spouses. Ashley Madison describes itself as “an online personals and dating destination for casual encounters, married dating, discreet encounter and extramarital affairs.”

Ashley Madison was first hacked in July but the hackers have now made the private information of the site's users public. High-level federal employees used work Internet systems to join Ashley Madison and blackmail campaigns are reportedly underway. Spammers are taking advantage of the curiosity of the masses.

More Attacks Coming

We caught up with Troy Gill, manager of security research at AppRiver, to get his thoughts on the spam issue. He told us cybercriminals are opportunists in every sense of the word -- so it’s no surprise to see that they are beginning to exploit the Ashley Madison breach for profit.

“We have already seen spam that attempts to capitalize on the event by drawing in both curious onlookers and anyone actually connected just the same,” he said. “And, I expect to see a larger variety of attacks centered around this event going forward, with even more sinister intent.”

Gill explained that malware posing as the Ashley Madison data is already being posted on the Internet. He said he expects to see more of this going forward, with the addition of fake malicious attachments in e-mails posing as the Ashley Madison data as well.

On a side note, users with e-mails listed in the breach itself should beware of malicious messages as they could be coming soon, he said. Specifically, AppRiver expects additional targeted cyberattacks to surface in the coming weeks as a result of the more than 250 thousand spam messages exploiting the data of millions of people.

Protecting Yourself

After all these years, Symantec reported that e-mail is still a significant attack vector for cybercriminals in volume 20 of its Internet Security Threat Report -- but the cybercrooks continue to experiment with new attack methods across mobile devices and social networks to reach more people with less effort.

“Cybercriminals are inherently lazy; they prefer automated tools and the help of unwitting consumers to do their dirty work,” said Kevin Haley, director of Symantec Security Response, in the report. “Last year, 70 percent of social media scams were shared manually, as attackers took advantage of people’s willingness to trust content shared by their friends.”

Symantec issued best practices for both businesses and consumers. For businesses, Symantec warned not to get caught flat-footed; to employ a strong security posture; to prepare for the worst; and to provide ongoing education and training.

“Use advanced threat intelligence relevant products/services solutions to help you find indicators of compromise and respond faster to incidents,” the firm said. “Implement multi-layered endpoint relevant products/services security, network security, encryption, strong authentication and reputation-based technologies. Partner with a managed security service provider to extend your IT team.”

For consumers, Symantec stressed the importance of using strong passwords, being cautious on social media and knowing what they are sharing. “Don’t click links in unsolicited e-mail or social media messages, particularly from unknown sources," according to Symantec. "Scammers know people are more likely to click on links from their friends, so they compromise accounts to send malicious links to the account owner’s contacts.”

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN CUSTOMER DATA

NETWORK SECURITY SPOTLIGHT
Britain's cybersecurity agency has told government departments not to use antivirus software from Moscow-based firm Kaspersky Lab amid concerns about Russian snooping.

CRM DAILY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.