Baitware gets better - we should all be vigilant

I am always rattling on about good end user education when it comes to IT security. Let's face it, with a well educated, aware and on the ball work force your chances of them introducing malware through social engineering or phishing attempts should be reduced.

The problem is that the quality of "baitware"—that is emailed documents that contain malware—is improving. F-Secure have an interesting selection of baitware on their site (http://www.f-secure.com/weblog/archives/00001715.html). The quality of the written prose is a lot better than usual and the business speak quite convincing. Most of these would be convincing to a lot of users, except the last example of a prize winning notification.

This just goes to show that we all need to be switched onto this threat and the days of sniggering at poorly written scam emails maybe drawing to a close.