NISCC warns businesses about increase in targeted Trojan e-mail attacks

The UK National Infrastructure Security Co-ordination Centre has issued a warning that a series of ‘Trojanised’ e-mail attacks are targeting UK government and companies.

According to NISCC:

• The attackers’ aim appears to be covert gathering and transmitting of commercially or economically valuable information.

• Trojans are delivered either in e-mail attachments or through links to a website.

• The e-mails employ social engineering, including use of a spoofed sender address and information relevant to the recipient’s job or interests to entice them into opening the documents.

• Once installed on a user machine, Trojans may be used to obtain passwords, scan networks, ‘exfiltrate’ information and launch further attacks.

• Anti-virus software and firewalls do not give complete protection. Trojans can communicate with the attackers using common ports (e.g HTTP, DNS, SSL) and can be modified to avoid anti-virus detection.

NISCC has published a document providing detection and protective advice - see

•Date: 17th June 2005 • Region: UK • Type: Article •Topic: Warnings
Rate this article or make a comment - click here