Poor e-mail practices pose security risk

E-mail is still a commonly used tool to spread malware, as one in 10 people are likely to open e-mail messages from unknown senders, says a senior Cisco Systems executive.

SINGAPORE--Cybercriminals are still using e-mail as a means to launch malware attacks on enterprises, according to a senior executive at Cisco Systems.

"E-mail is still the vehicle by which they can infect corporations," said John Stewart, Cisco's chief security officer, in a teleconference Tuesday with journalists and analysts.

Referring to a Cisco study conducted last year, Stewart said that regardless of country, over 10 percent of respondents will still "double click on all e-mail [messages], no matter where they come from".

Attackers, he said, exploit this vulnerability to spread malware, and "one out of 10 [people] get infected [by malware] because of bad behavior".

"That means the very technique by which malware is being propagated is still succeeding [for] that 10 percent of the population," he added.

Stewart cited an example of a U.S. federal institution that got infected by malware via e-mail, because someone within the organization opened an e-mail message that contained malware.

According to MessageLabs, targeted cyberattacks via e-mail is on the rise. In March, the e-mail security specialist intercepted 716 e-mail messages which were part of 249 targeted attacks aimed at 216 of its customers, and almost 200 of the stealthy attacks comprised a single malicious e-mail designed to infiltrate an organization.

In January, hundreds of thousands of people were infected by a Trojan horse--named "Storm Worm" by antivirus vendor F-Secure--over a weekend. Cybercriminals took advantage of the situation of a real-life extreme storm in Europe to spread the Trojan through e-mail that claimed to include breaking news about the weather.

More recently, a two-factor authentication system operated by Dutch bank ABN Amro was compromised, and four of its customers had money stolen. This occurred after malware infected their machines because they opened an e-mail with an attachment that claimed to be from the bank.