Ecards and email filtering

in the past two weeks, ecards became a major threat.

ecards (or electronic greeting cards) were always a perfect social engineering scheme, open for abuse. with the storm worm and massive exploitation, i believe it has become prudent to filter out all ecard messages in your email systems.

further, some training or awareness information on this subject distributed to your organizations could be very useful.

gadi evron,
ge@beyondsecurity.com

Share
  • http://blogs.securiteam.com/index.php/archives/955 msgsec

    sunshine,

    do you want to provide more detail in your terse blog?
    what exactly should we be filtering?

    ecards sent directly over email comes in executable attachments and would be scanned and dealt with caution just like any other virus or worm. ecards often come as links to open up as active content on web browsers. which type of ecards are you warning about?

    what social engineering scheme are you talking about? what abuse?
    you say filter out all ecard messages? what comprises all? do you have specific attachment types or subject lines?

    training and/or awareness on what about ecards? do you have any specifics to provide and help better educate users and viewers of ecards?

  • sunshine

    All greeting cards sent by email are prone to social engineering. The fact the storm worm abuses this is secondary, aside to the fact blocking this right now would help you fight infections in your organization for the next few weeks.