Unified Communications Featured Article

Next-gen “spam fighter” Red Condor issued a warning of a new malware threat, which appears as an e-mail thread.

The thread, which discusses vulnerabilities in Adobe software, targets all Adobe customers, and consists of forwarded e-mails that commence with a security update message, from an employee in “Adobe Risk Management.”

Warning recipients of a “Denial of Service Vulnerability” in the Adobe software, the campaign advises companies using the software to update their systems with the “latest security patch.” The structure of the forwarded thread is spoofed and so customized that it appears to be very convincing.

In order to make the e-mail appear more legitimate, full names and e-mail addresses of people holding high posts in the recipient’s organization to whom the e-,mail has been forwarded are included. This gambit on the part of the scammers add to the authenticity of the message, and perhaps is the most potentially damaging of all.

The body of the e-mail contain links to an executable PDF file, which is supposed to contain the update instructions for the security patch, is in actuality a Trojan virus.

Red Condor said it was the first company to have detected this malware campaign, while the majority of Anti Virus engines failed to detect or recognize the malicious download.

“This sophisticated campaign demonstrates the length scammers will go to get their e-mails past security so they can deploy malware on unsuspecting users’ systems,” said Dr. Tom Steding, president and CEO of Red Condor.

Steding acknowledging the convincing nature of the e-mail, said that it appears to have already made it through chains of command at the respective companies. The convincing nature of the campaign was dangerous as it posed a significant threat, if the volumes of messages increase.

Red Condor has advised recipients of the fake Adobe Security Update e-mail to delete it immediately and not to click on the embedded PDF or website links.

The campaign was detected by Red Condor’s Spam Trigger filter, and once identified as potentially harmful, has been quarantined. After review, rules have been written up for distribution to Red Condor’s anti-spam appliance and Hosted Service customers.

Red Condor has a cost-effective, time-saving solution that is rapidly gaining market share. The system’s design has built-in zero tolerance for lost e-mail, and a near zero false positive rate while achieving long-term spam block rates greater than 99 percent. The company’s next-generation technology is backed by a 24x7 customer care center staffed by e-mail security experts at Red Condor’s headquarters.