Barracuda Networks Protects Salesforce.Com Users Against Lat

Barracuda Networks Protects Salesforce.Com Users Against Latest Phishing Malware Attack

Published 10th January 2008

Barracuda Spam Firewall Blocks Email Containing Malware that Collects Usernames and Passwords...

Basingstoke, UK, 9th January 2008 – Barracuda Networks, Inc., a leading provider of network security appliances, today announced that its Barracuda Spam Firewall has implemented specific countermeasures to block the phishing malware attacks targeted at salesforce.com users. These attacks were outlined in a broadcast email yesterday to all salesforce.com users advising them of the latest malware threat.

The attack on the salesforce.com user base is a variant of known attacks that attempt to lure users into installing malware that can collect passwords to online systems, including banks, credit cards, shopping Web sites, and even salesforce.com itself.

“What makes this form of the attack unique is its social engineering,” said Stephen Pao, vice president of product management for Barracuda Networks. “The email masquerades itself as part of the Salesforce Identity Confirmation feature, which ironically was intended to enhance legitimate salesforce.com security measures against the latest wave of phishing attacks. Because of its clever design, unsuspecting salesforce.com users may inadvertently install the malware.

“While existing defence layers targeting malware in the Barracuda Spam Firewall have been effectively blocking these attacks, Barracuda Central today added another layer of defence specifically targeting this social engineering,” added Pao.

Barracuda Central, an advanced technology centre at Barracuda Networks, consisting of highly trained engineers who continuously monitor and block the latest Internet threats, responded to the salesforce.com announcement by quickly adding additional levels of protection in the event that the attack starts using new malware variants. The additional levels of protection involve rules that actually block the social engineering around the Salesforce Identity Confirmation feature in addition to the malware.

“Just as Barracuda Networks was the first major appliance vendor to target the attacks against Adobe Reader users in 2007, we are proud to be the first to specifically target the attacks against salesforce.com users in 2008,” said Pao. “The tactical response of Barracuda Central combined with the Barracuda Spam Firewall's 12 defence layers allows us to continue to supply the best spam protection at the best value in the industry.”