Comment : BBC email list leak highlights dangers of mailing lists

Security consultancy Global Secure Systems (GSS) says this week’s revelations that a BBC mailing list had been hacked and the users on the list spammed with scams and/or computer viruses, highlights the dangers that spam poses modern companies.

"Whilst it's likely that many of the people who signed up to this list were using their personal email addresses, it's a sure-fire bet that some were using their business addresses. And this highlights a growing problem amongst firms, namely the increasing use of company mailboxes for personal messages," said David Hobson, GSS' managing director.

According to Hobson, the BBC email list break-in clear shows why companies should - wherever possible - mandate that staff do not use their company mailbox for personal email.

"If one or more members of staff at a company had signed up to the BBC mailing list in question, then that employee has effectively opened the company's IT resource up to a spam and/or malware attack. Granted, the end result is outside of the staffer's control, but it does explain why staff should not use their company mailboxes for personal messages," he explained.

Hobson went on to say that, through the use of policy enforcement software on company IT resources and deploying effective anti-spam plus security software, it is possible to minimise the possible effects of misuse of company email resources.

"That isn't to say that it's possible to stop the company IT system from being infected as a result, but the BBC incident shows – quite clearly - why firms should have a company policy banning the use of staff mailboxes for personal use," he said,