Whatever security precautions you have in place at a business level, celebrity-obsessed end users will continue to click on unsecure links. When it comes to choosing buzzwords for bait, current events remain the key attraction.
Trend Micro this week released a list of the words which it most commonly detected in social networking messages and suspicious emails during 2012. The list is dominated by news events: celebrity activity, major product launches, and notable calendar events. It also shows a notable US bias (note tax season in Q1 and Thanksgiving-related events in Q4).
• World of Warcraft
• Black Friday Sale
• Cyber Monday Sale
While celebrity deaths aren’t always predictable, other events are. As Trend’s Aman Chand noted in the release announcement: “Without a doubt Christmas or any other widely celebrated sporting event such as The State of Origin, for example, will always be a favourite cybercriminal bait.”
From a security operations perspective, while the keywords may change, the underlying nature of these threats remains the same. The protective measures also remain the same: perimeter security, proactive scanning to detect dubious attachments and known suspicious links, endpoint protection. None of this software needs to be spectacularly aware of Whitney Houston, beyond the occasional addition of a URL to a blacklist.
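To make the point above concrete, here is an added example (not from Trend Micro or the original article) of a lure-agnostic link check: it ignores the subject matter of a message and only compares linked hosts against a blocklist. The blocklist entries, sample messages and function names are all constructed for illustration and use reserved `.example`/`.test` domains.

```python
import re
from urllib.parse import urlsplit

# Constructed blocklist entries (reserved names, not real indicators).
BLOCKLIST = {"celebrity-video.example", "deals.badshop.test"}

URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

def normalise_host(url):
    """Return the lower-cased host without userinfo, port or trailing dot."""
    try:
        host = urlsplit(url).hostname or ""
    except ValueError:  # e.g. malformed IPv6 literal; treat as no host
        return ""
    return host.rstrip(".").lower()

def is_blocked(host, blocklist=BLOCKLIST):
    """Match the host itself or any parent domain, on whole labels only."""
    labels = host.split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))

def scan_message(body, blocklist=BLOCKLIST):
    """Return the sorted blocklisted hosts linked from a message body."""
    hosts = {normalise_host(u) for u in URL_RE.findall(body)}
    return sorted(h for h in hosts if h and is_blocked(h, blocklist))

# Constructed sample messages: the lure changes, the check does not.
MESSAGES = {
    "celebrity lure": "Shocking Whitney Houston footage: "
                      "http://WWW.Celebrity-Video.example/watch?id=1",
    "seasonal lure": "Black Friday Sale! 90% off at "
                     "https://user@deals.badshop.test:8443/bf.",
    "benign mention": "Our Whitney Houston tribute playlist is at "
                      "https://music.example.org/tribute",
}

def triage(messages=MESSAGES):
    """Map each message name to the blocklisted hosts it links to."""
    return {name: scan_message(body) for name, body in messages.items()}

if __name__ == "__main__":
    for name, hits in triage().items():
        verdict = "BLOCK " + ", ".join(hits) if hits else "deliver"
        print(f"{name:15} -> {verdict}")
```

The benign message mentions the same celebrity keyword as the first lure but is delivered, because the verdict depends only on where the links point.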
In an ideal world, you’d also educate users to be more cautious about clicking on unfamiliar links. Sadly, I suspect no amount of education is going to stop some people once their curiosity takes hold.