Better, just train families and users to *never*
click *any* link in *any* message from
*anyone*. Then follow that up by never including
links in your own messages, and scolding anyone
who sends you a message that contains a
link. That's pretty much my strategy. I might
include links in messages to known tech-savvy
recipients who know me and who are expecting such
a link from me; for others, on the rare occasions
that I include a link, I also tell them to not
click on the link that I just posted, but instead
to type in the address themselves to their
browsers and then follow the path from there.
But then I am not a cyber security expert, so what do I know?
-- dkm
At 3/9/2012 10:06 AM Friday, Loren LaLonde wrote:
>To Mr. Oas - Hilarious.
>
>It looks like we'll have to start training our
>families and users to pay attention to where a
>link points, and remind them to never click on
>anything that ends in .exe, .vb*, and all that
>good stuff too. This one is particularly
>authentic looking since they copied the actual
>UPS copyright content, and the format is pretty
>similar to the real thing. Except I've never
>seen an invoice link, and delivery confirmations always include your address.
>
>I might as well get ready to be on call with the
>relatives for this one. Anyone know which virus
>or exploit they're using so I can have the cleanup instructions handy?
>
>On 3/8/2012 4:00 PM, Jon Galbreath wrote:
>>Yup, the page itself has links that go to some
>>Java-enabled something or other. I didn’t wait
>>around to see what materialized. Fortunately
>>Java is so slow there’s time to close the page
>>before you find out what’s in store. I’m guessing it’s evil.
>>
>>Jon Galbreath, MCSE
>>Systems Administrator
>>International Studies and Programs
>>Helpdesk: 517-884-2148
>>Ph: 517-884-2144
>><mailto:[log in to unmask]>[log in to unmask]
>>
>>From: Laurence Bates [<mailto:[log in to unmask]>mailto:[log in to unmask]]
>>Sent: Thursday, March 08, 2012 3:59 PM
>>To: <mailto:[log in to unmask]>[log in to unmask]
>>Subject: [MSUNAG] FW: UPS Delivery
>>Notification, Tracking Number B80F119957814DA9
>>
>>This looks like a particularly dangerous email
>>load – a credible looking web page attachment
>>which offers an executable “invoice” Unless I
>>am mistaken, this could catch quite a few users.
>>
>>Laurence
>>
>>From: UPS Quantum View [mailto:[log in to unmask]]
>>Sent: Thursday, March 08, 2012 1:49 PM
>>To: <mailto:[log in to unmask]>[log in to unmask]
>>Subject: UPS Delivery Notification, Tracking Number B80F119957814DA9
>>
>>
>>You have attached the invoice for your package delivery.
>>
>>Thank you,
>>United Parcel Service
>>
>>*** This is an automatically generated email, please do not reply ***
|