A socially engineered e-mail, which contains a Trojan file that exploits a zero-day vulnerability and then hides behind a rootkit, might be the perfect attack and impossible to defend against.
Patrick Runald, senior security specialist at Finnish antivirus firm F-Secure, told me last week that some users are obliged to open certain documents as part of their job -- so no amount of education can stop such an attack.
For example, if an HR director receives a CV, what is he supposed to do?
"Even if you know a lot about computers and you know you shouldn't open all attachments, if you receive a document file and it looks valid, it contains something about your work, you are obliged to open it.
"And then it contains a zero-day exploit and will install a Trojan onto your system, typically hidden by a rootkit, which makes it very difficult to detect with an antivirus program," Runald told me in a video interview last week.
When asked how companies can defend against social engineering, he said it was a "difficult" problem.
"You have to install patches -- that is what you have to do," added Runald.
Another problem here: simply by writing this, am I helping the bad guys, or am I helping the rest of us know what we are facing?
This is really scary -- suggestions, anyone?