By Sharla Sikes
Web 2.0 is so, like right now.
Rick Cook at InsideCRM.com calls it a â€œcatchphrase that many new technologies use to make the Web appear a friendlier, more powerful place and help users be more productive.â€
Productive, yes; but how about vulnerable?
â€œUnfortunately, the phrase makes identity thieves Air Blower, crackers, phishers and other criminals more industrious as well. Web 2.0 does not so much introduce new kinds of computer crime as it exposes new vulnerabilities to old types of criminal activity,â€ Cook blogs.
Cook cites a 2007 incident where Salesforce.com,
all comprar viagra works night water really.
Inc. users and â€œtens of thousandsâ€ of their customers got hit with phishing attacks. A Salesforce.com employee’s online identity was stolen through phishing, and the criminals helped themselves to customer contact lists from Salesforce. While the lists didn’t have Social Security numbers or other extremely sensitive information, the phishers
used the stolen data to launch more identity theft phishing attacks. The phishers posed as Salesforce customer companies and the Federal Trade Commission, and sent victims attachments that automatically downloaded password-stealing
programs. Not only were thousands of dollars lost through the fiasco, but the crimes damaged trust between CRM
users and clients.
Security is vital in CRM systems, and users must actively manage accounts to protect
themselves. â€œDoing so takes some awareness and a certain amount of technical sophistication, but it is not difficult,â€ Cook says.
The Most Important Thing, according to Cook, is to simply be aware. Awareness and education won’t replace but will definitely enhance technical measures, which are useless when employed without awareness. The potential for security breaches should be on everyone’s mind who uses the CRM system. Users should be on the lookout for red flags, such as e-mail attachments and booby-trapped Web sites, called â€œsocial engineering.â€ Online criminals need
this unintentional cooperation from those on the inside of CRM systems, since firewalls and anti-virus programs have improved greatly in recent years. This means attacks have become more sophisticated and sneakier in order to fool users into clicking infected links or opening dangerous attachments.
such as the Salesforce incident is called â€œspear-phishing,â€ meaning the attack was targeted based on detailed information about the victims themselves and their business relationships. Spear-phishing can be far more effective since victims are fooled by e-mails with such detailed information.
The bottom line is that CRM users should treat all e-mails with a high degree of skepticism and all attachments as potential security threats, even if the sender’s address and email server may seem legitimate. A quick way to double check is to send a response to the sender at a known e-mail address. It’s also important to keep in mind that most legitimate senders do not send out e-mails requesting sensitive information or containing attachments or links.