On Wednesday 20 August 2008 08:27:23 Al Puzzuoli wrote: > An email was just brought to my attention with an interesting new twist. > The subject is "Journalists Shot in Georgia". The email contains a > brief headline, along with a password protected zipped attachment which > is supposedly a video of the news story. I'm guessing password > protected zips will circumvent most if not all server side AV? > > Just another headache to consider, as if we didn't already have enough. > > Al Puzzuoli > Information Technologist > Resource Center for Persons with Disabilities 517-884-1915 120 Bessey > Hall East Lansing, MI 48824-1033 http://www.rcpd.msu.edu Is this new? I thought I'd heard of password protected zip files before, but then again there are sooo many little treats out there that I can't keep track of them. I keep telling my people to regard attachments with great suspicion and (try to) explain why an unsolicited attachment can represent great danger. I am also trying to get people to adopt a protocol regarding attachments: 1. Tell the person in email or phone (or other OOB channel) that they are about to send an attachment; 2. Send the attachment very soon after #1. 3. (optional) send something that says you've done it. I'm not sure how many people are doing this, but I have two friends who are because they got the scare of their lives a few years ago. Both got attachments which were programs that said they wanted to "check" your system for registry problems. The program was sent from someone they both new, and included details on some trivial stuff that made it seem as if the supposed person was sending the email. At least three others got this mail as well. When the program that was in the attachment was decoded, it turned out to be a badly written attempt to scrounge around in a Quicken directory, and send off data. Cute, eh? The biggest problem is that since most people are good, folks have this tendency to believe whats in front of their faces. --STeve Andre'