It didn’t take long for spammers to tap into the fear associated with the Ashley Madison breach -- a breach some security researchers argue could have been prevented. AppRiver, an e-mail and Web security firm, is reporting spammers are leveraging the data leak for nefarious purposes.
Indeed, the ripple effect from the Ashley Madison hack, which leaked the names of 37 million customers, continues rippling even beyond those who were cheating on their spouses. Ashley Madison describes itself as “an online personals and dating destination for casual encounters, married dating, discreet encounter and extramarital affairs.”
Ashley Madison was first hacked in July but the hackers have now made the private information of the site's users public. High-level federal employees used work Internet systems to join Ashley Madison and blackmail campaigns are reportedly underway. Spammers are taking advantage of the curiosity of the masses.
More Attacks Coming
We caught up with Troy Gill, manager of security research at AppRiver, to get his thoughts on the spam issue. He told us cybercriminals are opportunists in every sense of the word -- so it’s no surprise to see that they are beginning to exploit the Ashley Madison breach for profit.
“We have already seen spam that attempts to capitalize on the event by drawing in both curious onlookers and anyone actually connected just the same,” he said. “And, I expect to see a larger variety of attacks centered around this event going forward, with even more sinister intent.”
Gill explained that malware posing as the Ashley Madison data is already being posted on the Internet. He said he expects to see more of this going forward, with the addition of fake malicious attachments in e-mails posing as the Ashley Madison data as well.
On a side note, users with e-mails listed in the breach itself should beware of malicious messages as they could be coming soon, he said. Specifically, AppRiver expects additional targeted cyberattacks to surface in the coming weeks as a result of the more than 250 thousand spam messages exploiting the data of millions of people.
After all these years, Symantec reported that e-mail is still a significant attack vector for cybercriminals in volume 20 of its Internet Security Threat Report -- but the cybercrooks continue to experiment with new attack methods across mobile devices and social networks to reach more people with less effort.
“Cybercriminals are inherently lazy; they prefer automated tools and the help of unwitting consumers to do their dirty work,” said Kevin Haley, director of Symantec Security Response, in the report. “Last year, 70 percent of social media scams were shared manually, as attackers took advantage of people’s willingness to trust content shared by their friends.”
Symantec issued best practices for both businesses and consumers. For businesses, Symantec warned not to get caught flat-footed; to employ a strong security posture; to prepare for the worst; and to provide ongoing education and training.
“Use advanced threat intelligence relevant products/services solutions to help you find indicators of compromise and respond faster to incidents,” the firm said. “Implement multi-layered endpoint relevant products/services security, network security, encryption, strong authentication and reputation-based technologies. Partner with a managed security service provider to extend your IT team.”
For consumers, Symantec stressed the importance of using strong passwords, being cautious on social media and knowing what they are sharing. “Don’t click links in unsolicited e-mail or social media messages, particularly from unknown sources," according to Symantec. "Scammers know people are more likely to click on links from their friends, so they compromise accounts to send malicious links to the account owner’s contacts.”