The Human Factor
Ultimately, any security system is only as effective as the weakest link. In the case of online security, the weakest link is always the human factor. As a result, social engineering techniques are a key element in malware dissemination processes used today. Techniques are often as simple as sending links purportedly from a friend via email or instant messaging (IM). These links are crafted to look as if they lead to interesting online resources, but in reality, these links lead to infected web resources.
Today, email messages can contain scripts that connect to infected websites without any user interaction at all. Even the educated, highly cautious person who never clicks on unsolicited links is in danger of infection by a "drive-by" download. The inclusion of current events in such campaigns occurs today with alarming speed, yielding astonishingly effective results. Phishing continues to be a major source of infection despite efforts by banks and other organizations that conduct online financial transactions to implement countermeasures. Too many innocent victims can still be convinced to explore interesting links and to accept official-looking communications as legitimate.
©2008, Kaspersky Lab, Inc. All rights reserved.
<< Previous Next part >>
 |
