FTA:
> In July 2010, a second incident was identified by our Security Team. This involved fake emails sent to one of our mobile operator customers spoofing legitimate Gemalto email addresses. The fake emails contained an attachment that could download malicious code. We immediately informed the customer and also notified the relevant authorities both of the incident itself and the type of malware used.
I'm not buying this. If the fake emails were sent to the customer, wouldn't the operator be the one who detects the malicious address? So how is Gemalto informing the customer that the mails are malicious?
I'm not buying this. If the fake emails were sent to the customer, wouldn't the operator be the one who detects the malicious address? So how is Gemalto informing the customer that the mails are malicious?