Bounty offered to catch spoofers

Ross Bentley

A leading software supplier is offering its staff £25,000 for information leading to the identification of those responsible for a...

Ross Bentley

A leading software supplier is offering its staff £25,000 for information leading to the identification of those responsible for a spate of e-mail break-ins.

Geac, an enterprise resource planning software supplier, has been blighted by a series of "spoof" e-mails, purporting to come from its management, which have been sent round the company worldwide intranet as well as to several hundred customers.

Geac's European managing director Chris Allen told Computer Weekly, the e-mails were "clearly meant to undermine the position of the company". Spoofing refers to e-mails that look like they have been sent by one person but are the work of a fraudulent second party.

Besides offering a bounty, Geac has employed the services of security specialists Vogon in an attempt to trace the perpetrators and to prevent future incidents.

The initial investigations will focus former Geac ex-employees who may be bearing a grudge against the company.

Last October Geac acquired AS/400 software supplier JBA, which led to a number of redundancies. Geac at the time believed some ex-employees had been trading using documents and software stolen from the company, before the spoofing attacks.

Gordon Stephenson, managing director of Vogon, said, "This is a classic case of spoofing and obviously Geac are taking a dim view of it. From a security aspect, redundancies, especially those of IT people, pose a great threat to a company."

Disgruntled employees can cause havoc within a company. In most cases, their log-in details should be changed immediately and they should be walked off the premises straight away."

Chris Heslop, marketing director at e-mail policy advisors Content Technologies said that 80% of e-mail security failures originate from within an organisation. "Incidents, like this can be reduced through the use of digital signatures and the implementation of a clear and strict rules-based e-mail policy," he said.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.






  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...