Archive for the ‘E-mail’ Category

I return

Wednesday, December 1st, 2010

It’s been a while since I’ve updated this blog.  I’ve been rather busy and allowed it to languish.  I’ve recently been challenged by a friend to post on my blog once each day for this month.  I’m determined (at least this evening) to succeed.  I’ll try not to let an unplanned 16+ hour day break my stride.

I got an e-mail from a client recently warning me about some “new” virus that was coming through and he felt I would appreciate the information.  I’ve seen these many times before and the basics of this particular e-mail were the same even though the specifics were different.

It had the typical alarmist usage of exclamation points along with letting you know that this one was worse than all before it and your computer was likely to become little more than slag when this bad guy was done with it.  The e-mail also said how this or that anti-virus or operating system company had confirmed or initially sent out the warning.  It may also have mentioned a news outlet which had done the same thing.

Now, the truth is that none of these companies likely had anything to do with the origination of this e-mail.  In fact, I’ve seen these e-mails mention viruses which were old news years ago.  In the end, these e-mails get sent around to everyone in a manner similar to how a virus spreads.

What can you do?

I use these e-mails as a gentle reminder to be diligent in how I handle e-mail from any source.  Never open an attachment or click on a link in an e-mail from someone you do not know.  If it is from someone you know, you should be expecting the attachment or link before opening it.  Similarly, never send out an attachment or link to someone without discussing it first so the recipient doesn’t consider it a potential virus and delete it without review.

They don’t stop trying to be sneaky

Wednesday, March 26th, 2008

A recent issue I’ve encountered recently is where the user receives the following e-mail:

 From: “Automatic Email Delivery Software” <postmaster@[ISP]>

Subject: Returned mail: see transcript for details

Dear user of [ISP],


We have received reports that your account has been used to send a huge amount of junk email messages during this week.

We suspect that your computer had been compromised and now runs a trojan proxy server.


Please follow our instruction in the attached file in order to keep your computer safe.


Best wishes,

The [ISP] support team. 

Prior to this, the user had been seeing bounce-back messages from places she had never e-mailed suggesting that either she did have such a trojan installed or her e-mail account had been hacked.  The above e-mail also included an attachment which supposedly contained instructions.

This has been seen in various configurations over the past week or so.  I was fairly confident that the trojan did not exist as the user has a Mac (although using a Mac doesn’t make you immune to nasty software, it does put you in a category of very low risk).  So, working on the assumption that the e-mail account had been hacked, I changed her passwords on every account she had with this ISP.

Some of the e-mails that she received purported to be from someone other than her ISP.  The body text was identical, however.  This made it an obvious clue that the e-mails were being sent by someone with less than honorable intentions.  The second clue is that the instructions referenced in the e-mails was an attachment.  In all cases the attachment was either a .SCR file or a .ZIP file containing a .SCR file.  The .SCR extension denotes a Windows screen saver (not likely to work on the Mac in question).  As such it is an executable file and likely contained some sort of bad thing, likely the “trojan proxy server” as referenced in the e-mail.

It is unfortunate that these kinds of bad things occur and try to snare people further by claiming to be something kind when they’re not.  Other recent scams have been the greeting card e-mails which make it seem like a friend sent you a nice electronic card but you click on the link to go to the site and all havoc is wrought on your computer as a result.

Keeping yourself safe is becoming more of a challenge these days, especially when a new avenue of attack comes around (the greeting card method grabbed many by surprise before it became published in tech industry news).  The general advice is still the same:  Keep your anti-virus, anti-spyware, firewall, and operating system software up to date; if something comes through all that and still looks suspicious, ask someone you know to be more knowledgeable than yourself to take a second look at it.

Look what I got in my e-mail today…

Friday, March 14th, 2008

I have many subjects that I’m itching to write about. I was trying to figure out the first one for this morning when the following appears in my inbox:

Subject: FW: Mosquito Prevention/Listerine

I got this from a friend….very interesting!

The best way of getting rid of mosquitoes is Listerine, the original medicinal type. The Dollar Store-type works, too. I was at a deck party awhile back, and the bugs were having a ball biting everyone. A man at the party sprayed the lawn and deck floor with Listerine, and the little demons disappeared.

The next year I filled a 4-ounce spray bottle and used it around my seat whenever I saw mosquitoes. And voila! That worked as well. It orked at a picnic where we sprayed the area around the food table, the children’s swing area, and the standing water nearby. During the summer, I don’t leave home without it…..

Pass it on.

We all get e-mails such as this from well meaning friends, relatives, and associates. The above was sent to about 200 people. I know the sender was well meaning and genuinely wanted to be helpful. However, I know that this kind of misinformation being spread can be nearly as annoying as spam.

Next on the list after this would be the jokes that keep getting sent. I’ve seen jokes sent by one person to a group, another person in that group sends it on to another group (to which I happen to belong), and so forth. I could see the same joke 200 times in the span of an hour because it was that good and everyone thought I would like it. To be honest, I probably did like it, but that was six months ago when I read it on rec.humor.funny.

So, how to deal with this. When I get an information type of e-mail from someone (whether it be good advice or a warning of some potential hazard) I’ll check it against a reference I trust. Most of the time, this will be Snopes. You can read what they have to say about the Listerine advice here. As you can see, it’s a waste of time.

To date, I have received exactly one e-mail forward which has any truth to it at all. You have to promise, however, NOT to spread the word out to all your friends but the details can be found here.

In addition to Snopes, you can use any search engine (Google, Yahoo, etc.) to determine the validity of any of these pieces of advice.

Any questions?