I just came across this article "Phishing attack: Your keyloggers are in the mail" published March 29th in ZDNET Australia. It describes a successful attack against an enterprise in Australia. The article describes the attack as follows:
"While the identity of the organisation has not been revealed, the perpetrators knew their target as the CD-ROMs were addressed to the organisation.
AusCERT (Australian Computer Emergency Response Team) spokesperson Macleonard Starkey told ITRadio.com.au that, once inserted into staff computers, the CDs started a Windows Media Player executable file. In the background, keylogging software was downloaded.
"Because most users have administrative access to their machines, even in corporate networks today, it will usually be dropped straight to the Windows system32 directory, and start up from there. This is a very low-tech scam but it's also a very good one," Starkey said.
"
This is a classic social engineering attack. Never insert anything into your CD or USB ports without IT security having done a check on it. Otherwise, you may watch employee identity and authentication information go out the electronic door along with valuable enterprise data.
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com
del.icio.us