Over the past month, the retail industry became the sector hit hardest by targeted email attacks, beating out the public sector and pharmaceutical business, according to a report from Symantec. Retailers were the target of approximately one-quarter of all such attacks, which often sought to trick company executives into opening fraudulent links or attachments.

The latest malicious spamming efforts involve fraudulent email messages that look like they come from the IT or HR department, reports Ellen Messmer at NetworkWorld. The purpose appears to be to fool high-level employees into turning over competitive information about the organization's operations.

Symantec found 516 separate attacks of this kind, dubbed "spear phishing," that appear to have come from IP addresses in Argentina and the United States. Two retail groups accounted for 63 percent of the 516 attacks. After Symantec blocked the first round of attacks, a second and third round were sent, Messmer reports.

In one particularly insidious example, an email that appeared to come from a senior IT security exec at the company went out to 70 employees. It included a fraudulent attachment posing as an action for a "critical update," which would have installed a backdoor Trojan on the employee's computer if clicked on.

For more:
- see Ellen Messmer's article at NetworkWorld

Related Articles:
Email virus offering sex movies spreads rapidly
How to recognize an email that's phishing