Turning The Worm: How To Use E-Mail Attacks To Win Clients

The Mydoom virus, which began spreading on Monday, has infected hundreds of thousands of email boxes, leading some to label it the worst email virus ever.

The Test Center recommends solution providers offer an advanced warning service to their clients, alerting them of outbreaks and how to handle them before signature updates are made available. This involves little more than maintaining an e-mail list of key personnel at customer sites and using it to send out early warning e-mails describing what to look for and how to handle it in the interim. No mater what method you use, make an effort to develop a methodology for alerting customers' staff of outbreaks and recommendations, and make sure the customer is aware of this special attention.

Also before the next outbreak, offer security-focused e-mail training for client's employees. The recent worm wouldn't have been anywhere nearly as successful if people just new enough not to open suspicious attachments. Apparently, there is room for significant training in this area.

Use antispam solutions or augment them to look for high-frequency subject lines. This particular worm kept using many of the same subject lines, which could be detected by a heuristic solution. If this is not an option or it doesn't work well against a particular virus, then dedicate resources and implement a policy to update antispam rules manually for your customers whenever outbreaks occur.

Of course all this assumes that fundamental steps like using automatic signature-file updating and the deploying client-side AV solutions have already been taken.