Suspect attachments to email: Please Read

[DesDownunder]

I have been receiving emails to my personal email address with Zip attachments. "Fees-2008_2009.zip"

Inside the zip is a file called "Fees-2008_2009.doc.exe"

Interestingly and evidently, from what I read on the Net, some anti-virus programs are not picking this up as a virus. Both Avast and McAfee are cited as not responding to this attachment.

Panda Security reports it conceals a Trojan downloader.

There seems to be spate of these kinds of emails with wording along the lines of

"Your statement for fees is attached"

or

"Your email couldn't be delivered."

amongst other variants.

Please make sure you examine your emails and delete any of these type of files, unless you know for certain they have come from a legitimate source. Do not open them.

AD Forums and our database have not been attacked or compromised.

[Mountain Dude]

VERY good advice!!

[Trab]

When are the authorities, worldwide, going to treat these internet terrorists as what they are, and start dealing out proper punishments for the damage they do? A few good public executions may curb their appetite for 'fun' a little bit.

The scary thing is, my nephew sides with the hackers. He feels that any program that is made that has any kind of loophole 'is just asking for it', but to me that's like blaming the rape victim for being too 'attractive'. With that kind of attitude civilization is doomed. If everything needs protection by police, there aren't enough, and who's watching them?

[Camy]

Thanks Des!

[colinian]

IPv6 is starting to be deployed. Everyone who's running Windows Vista has native IPv6 installed by default, with 6to4 converting old IPv4 sites so they work when viewed on a Vista PC. Every organization that's using Windows Server 2008 is running IPv6 by default. In order to deploy a native IPv6 site all of the routers be designed for IPv6, and the organization's network node provider must support IPv6.

IPv6 has features that will be able to be used to stop spam and phishing cold, and will prevent people from faking the source of their email. Coupled with a good firewall the use of the internet and email in the future will be safer. The basic question is how long it's going to take to deploy IPv6 at all ISPs. A LOT of routers will have to be replaced, servers upgraded, etc.

There's a lot of technical information about IPv6 on the internet. One of the best not-too-technical introductions is on Wikipedia at http://en.wikipedia.org/wiki/Ipv6.

Colin

[Richard Norway]

Colin:

I'm sure glad that your major is computers and that you understand all of what you just said, because I haven't a clue.

Now, if you want to know about Eigenvalues used in matrix solutions to indeterminate structures, I'm your man!

Richard

[Camy]

Eigenvalues used in matrix solutions to indeterminate structures ....

Ah! *a warm glow suffuses the Emu's cheeks* Such sweet, sweet memories! Who can honestly say they haven't juggled around with awkward characteristic polynomials on a balmy Sunday afternoon. I know I can!

Camy (thanking the lord of the www for wikipedia)

[The Pecman]

That sucks, Des.

I have all kinds of filters on my email accounts, but still a few spam/crapware/malware bits slip through every day. (My domain provider indicates I get more than 100,000 pieces of spam a month that they routinely bounce, so they get 99% of it.) My employer's IT department told me they bounce over 1,000,000 bogus emails a month, and that's just for our building, with about 200 people in it.

It's a wise idea to immediately delete any emails with attachments, especially from someone you don't know. Sometimes, just unzipping compressed files can cause it to auto-launch (depending on how they've set it up).

This is not a problem on Mac OSX -- yet -- but it will be eventually.

[DesDownunder]

That sucks, Des.

...

It does? I must have been asleep when it did that.

Yes Pecman I routinely delete anything I don't recognise as being from a legitimate source.

The one reported however was sooo close to the wording of a number of invoices we receive, it made me look twice.

Zip attachments always alert me to look at the sender.

So my computer didn't get infected.

I was just surprised at the tardiness of the Anti-virus services and my own ISP's filter on this attachment.

[blue]

I at least recognize the term, Eigenvalue, but I'm not sure I got that high up. I got to Calc III but not to Dif. Eq. Haven't used much calculus since college, as it didn't apply usually wo what I do, but I *liked* calculus. Yes, you can all edge away slowly now. :)

I got the gist of what Colin's saying. He's trying to say that there's a new techno-babble gadget, software rather than hardware, if I understand right, that will help block spam and phishing attempts from ever getting past the server, which is the intermediary between the sender (spam source) and the receiver (you). In practice, there are several midway points between that spammer and you, which is just fine, as the spammer likely makes people with poor hygience and worse social skills look like real charmers by comparison. Colin was also trying to say that the protective or preventive gizmo is newfangled, so it has to be put in place on a lot of server computers (and individual's computers) before it helps much.

-----

Meanwhile -- Any attachment that looks like that, any that has "_doc.exe" on the end of it, is just plain bogus. Don't open those. They're spam. Delete them. Or report them and then delete them.

To Trab's comments, I'd say that spammers are rarely ever terrorists. They are more usually thieves and con artists, or working for same. What they're doing is at least a nuisance and in general illegal, because usually, they're trying to get data or steal information or money, besides cause aggravation and wasted time and effort. Yes, they're wrong. The people who write the spambots could be using their skills for something useful or at least entertaining. They're wrong and they ought to be ashamed of themselves. Go write a game and make yourself some honest money. Go do something practical and useful. Go do something helpful. Much better than causing damage or stealing. I don't admire them and I make a distinction between a skilled programmer or network admin or designer, versus someone in it to cause trouble or steal. There is a difference between using hacker skills for good or for bad, or simply doing your job as a skilled professional (or amateur).

[blue]

BBB careful - phishing scam

2012-05-19

Be careful out there, gang. My spam folder just received a phony phishing spam claiming to be from the Better Business Bureau (BBB) at abuse (at) bbb (dot) org dated...with tomorrow's(!) date...and urging me to download and fill out the attached form, because someone had filed a complaint against my business. Uh-huh. Except -- that email address is not a business email address and it is not yet tomorrow. ;) Unless the BBB now has time-traveling blue police boxes or carriages with spinning wheels attached, well, -- NO. -- Do not click or open the attachment. Don't download it. Email bad! Bad email!

Checking Google, it appears this is the third (or more) time a phishing / spamming source has tried to co-opt bbb.org's name to phish for data.

Don't do it. Nope. Nuh-unh.

[blue]

The latest arrival in my spam folder was only remarkable for the sender. It was sent from Fapturbo. Well, at least we know what he's very busy doing when he's not sending out spam....

He'll be sore, but he's sending out spam. Not much sympathy here, sorry. Maybe he'll be too preoccupied to send spam.

We might even hope he'll find one of those very friendly girls who wants to show him her assets, and they'll both be too busy to put spam in anyone's folders.