|
Posts: 65472
Posted: Thu Jan 15, 2015 11:48 am
Several State of California agencies are experiencing a spam-storm that's being caused by noobs who insist on opening an email attachment which is a zip file that has a hidden scr extension. The text that comes with the zipped attachment is as follows:
Subject: Wire transfer receive
We have received a payment from you or your company for amount 7,142.00. Please check all details attached.
The zip file is called wire-payment0192-pdf.zip and it is 10KB in size. If you open the file it will install a version of the SONAR heuristic malware which can then enable the download of something else on an unshielded machine/network. Bottom line: Don't open it if you receive it.
|
Posts: 51971
Posted: Thu Jan 15, 2015 11:53 am
Our server strips .zip attachments with executable files contained. We learnt the hard way. No matter how many times you try to educate people, the blindingly obvious is always trumped by money or boobs.
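The kind of gateway check discussed in the posts above (a zip attachment hiding an executable such as a .scr), sketched as an added example that is not part of the thread or any poster's own code. The extension blocklist, the function names and the member name inside the sample zip are assumptions made for illustration; the sample message is constructed and contains only placeholder bytes.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions Windows will execute directly; an assumed blocklist, extend for your site.
EXECUTABLE_EXTS = {".scr", ".exe", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".jar", ".lnk"}

def risky_members(zip_bytes):
    """Return archive members whose name, minus trailing dots/spaces, ends in an executable extension."""
    try:
        with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
            names = [i.filename for i in zf.infolist() if not i.is_dir()]
    except zipfile.BadZipFile:
        return ["<unreadable archive>"]  # cannot inspect: treat as risky
    hits = []
    for name in names:
        cleaned = name.rstrip(". ").lower()
        ext = "." + cleaned.rsplit(".", 1)[-1] if "." in cleaned else ""
        if ext in EXECUTABLE_EXTS:
            hits.append(name)
    return hits

def scan_message(raw):
    """Map each .zip attachment name to its risky members (empty dict = clean)."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        fname = part.get_filename() or ""
        if fname.lower().endswith(".zip"):
            hits = risky_members(part.get_payload(decode=True))
            if hits:
                findings[fname] = hits
    return findings

def build_sample():
    """Constructed sample: harmless bytes in a zip named as in the first post."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("wire-payment0192-pdf.scr", b"placeholder, not a real program")
    msg = EmailMessage()
    msg["Subject"] = "Wire transfer receive"
    msg.set_content("Please check all details attached.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="wire-payment0192-pdf.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample()))
```

A mail filter would quarantine or strip any attachment that `scan_message` reports; archives it cannot read are reported too, so they are not passed through unchecked.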
|
Posts: 14139
Posted: Thu Jan 15, 2015 12:57 pm
I never open e-mail attachments. Then again, my e-mail permissions are extremely limited. Any address that isn't pre-approved by me goes straight to the junk folder. When I see e-mail from friends or family that has an attachment I trash it immediately. Since my friends and family know I won't open attachments, I know those e-mails are simply spoofing their addresses.
|
Posts: 65472
Posted: Thu Jan 15, 2015 2:20 pm
It got worse. Much, much worse.
The accompanying download is so far undetectable and Microsoft and Symantec have opened up critical incident responses.
Where the bug shows up is in severely degraded computer performance and in reported network traffic.
Right now the advice is to quarantine and reimage any infected machine.
|
Posts: 11362
Posted: Thu Jan 15, 2015 3:41 pm
The .scr trojan is on Steam as well. My Bro got hit with it and I almost did except my Windows Defender or Firefox refused to run it when I inadvertently clicked on it. It was really sneaky too, when his system became infected, it sent a Message to everyone on his Steam's Friends list. What I received was, "Wow, is this you Bro? screenshot.scr", I just clicked on it like any other link I have received from his account before, but like I said I got a message about Windows refusing to run it due to suspicious files.
My Bro's system has been down for a week as Windows will not even boot.
|
Posts: 11682
Posted: Thu Jan 15, 2015 7:25 pm
Oh goodie! That nice man in Nigeria must've deposited the first payment. CLICK...
|
Posts: 13404
Posted: Thu Jan 15, 2015 8:54 pm
Bank of America keeps sending me email that my card has been compromised.
Never had their card.
|
Posts: 65472
Posted: Fri Jan 16, 2015 9:48 am
Symantec has released an update for this virus - make sure your dats are updated.
Kaspersky and AVG are updated too.
For those who care, the Microsoft incident number is #40730
|
Posts: 51971
Posted: Fri Jan 16, 2015 10:36 am
A little prod as well - Tax season is approaching, and Revenue Canada does not have your email address! Even if they did, they can't email you and they won't email you!
Don't fall for the scams that get you to click things!
|
andyt
CKA Uber
Posts: 33492
Posted: Fri Jan 16, 2015 10:43 am
I got an e-mail from "Telus" telling me I hadn't paid my bill and to click on the link to pay. I went to the Telus site to check, and it was true, I had not paid the bill, so I did thru that site. Then phoned them, and no, they hadn't sent me an e-mail. Wonder how those mailers knew I hadn't paid my bill, since I'm usually pretty anal about making sure I pay well in advance of the due date.
|
Posts: 51971
Posted: Fri Jan 16, 2015 10:52 am
andyt: I got an e-mail from "Telus" telling me I hadn't paid my bill and to click on the link to pay. I went to the Telus site to check, and it was true, I had not paid the bill, so I did thru that site. Then phoned them, and no, they hadn't sent me an e-mail. Wonder how those mailers knew I hadn't paid my bill, since I'm usually pretty anal about making sure I pay well in advance of the due date.
I hope you were kidding!
|
andyt
CKA Uber
Posts: 33492
Posted: Fri Jan 16, 2015 10:55 am
Nope. As I recall, I took a close look at the link address, and it was slightly off from the real thing (didn't click on it). But it makes me wonder if there are Telus employees out there up to some nasty schemes, since the only time I got such an e-mail was when I really had forgotten to pay the bill, or actually thought I had done so when I hadn't.
|
Posts: 65472
Posted: Fri Jan 16, 2015 10:57 am
andyt: Nope. As I recall, I took a close look at the link address, and it was slightly off from the real thing (didn't click on it). But it makes me wonder if there are Telus employees out there up to some nasty schemes, since the only time I got such an e-mail was when I really had forgotten to pay the bill, or actually thought I had done so when I hadn't.
Coincidence.
|
Posts: 51971
Posted: Fri Jan 16, 2015 10:59 am
andyt: Nope. As I recall, I took a close look at the link address, and it was slightly off from the real thing (didn't click on it). But it makes me wonder if there are Telus employees out there up to some nasty schemes, since the only time I got such an e-mail was when I really had forgotten to pay the bill, or actually thought I had done so when I hadn't.
Oh! The way you wrote that, it looked like you went to the link the spam provided to check your bill. The site that they obviously controlled, specifically to steal your information. Yes, I'm quite sure there are many insiders that steal all sorts of data and sell it to less than savory companies. It's why many places lock out USB and CD Writers so they can't be used. Helps eliminate data theft.