Trojans – and the Importance of Educating Users
The security software company Sophos recently released a report describing the security threat landscape over the first half of 2006. It revealed that there has been a significant slowdown in new viruses and worms. The news is not all good, however: there has been a significant increase in other varieties of malware, especially Trojans. New Trojans are now four times more common than viruses and worms.
A typical attack involves Trojan software sent via spam masquerading as legitimate email from Amazon or PayPal. Once a Trojan is surreptitiously installed on a victim’s machine, it may open up a backdoor for an attacker to harvest the victim’s credit card details, or it could act as a 'spambot', sending out spam to others to perpetuate the scam.
The increasing incidence of Trojans arriving via sophisticated spam highlights the importance of user education. It is easy for IT professionals generally, and security specialists in particular, to forget that most users have no idea what a Trojan is, let alone that it could enter their computer via a cleverly disguised phoney email purporting to come from Amazon, or via an intriguing email from a Russian girl who is looking for a lover.
There is no reason why ordinary users would know these things unless someone takes time to tell them. They are far from being self-evident propositions. Safecoms recently carried out a series of user awareness training sessions for the staff of a major financial services company. These were intelligent, well-informed professional people, yet during the question and answer sessions that followed the briefing, the most frequently asked questions were “what is a Trojan?” and “what on earth is a phishing scam?” When these users were then presented with a brief explanation of what Trojans do, the vast majority were amazed at the concept. They will certainly be far more circumspect next time an email arrives in their inbox from “Angie” announcing “I look for sexy man”...
For more information on the increasing Trojan threat, you can find the Sophos report here:
http://www.sophos.com/pressoffice/news/articles/2006/07/securityreportmid2006.html