This is what is in store for “the cloud”. All the criminals have to do is breach the cloud provider and much more damaging things are available than just e-mail addresses.
“Cloud computing” is nothing more than client/mainframe 2.0. The “Cloud is a revolution and isn’t even evolutionary. It is DE-evolutionary. The cloud simply re-introduces the single point of failure(the cloud). Compromise the cloud and a whole ton of things go offline. We spent years getting away form this concept only to foolishly run back to it again. The only reason I present it to my clients is they are asking for it. They get my cautions about the various serious issues with the cloud. If they choose it after that..it’s only a matter of time before I get the duties to clean up and cash in…one I won’t relish at all.
Criminals have been conducting complex, targeted e-mail attacks against employees at more than 100 e-mail service providers (ESPs) over the past several months in a bid to hijack computers at companies that market directly to customers of some of the world’s largest corporations, anti-spam experts warn.
The attacks are a textbook example of how organized thieves can abuse trust relationships between companies to access important resources that are then recycled in future attacks. According to multiple sources, the so-called “spear phishing” attacks in this fraud campaign arrived as virus-laden e-mails addressing ESP employees by name, and many cases included the name of the ESP in the body of the message.
The poisoned missives used a variety of ruses, but generally included an invitation to view images at a Web site URL included in the message — such as a link to wedding photos or an online greeting card. Recipients who clicked the links were redirected to sites that attempted to silently install software designed to steal passwords and give attackers remote control over infected systems.
via Spear Phishing Attacks Snag E-mail Marketers — Krebs on Security.