On Tue, Aug 10, 2010 at 12:06:31PM -0400, Aldrich, Dak wrote: > Wow. New one started today. Late morning. > > I have been getting faculty, on the MSU mail system, forwarding me those > phishing emails... The ones where you have to click a link and... Well, > I?ve never gotten that far, so I don?t know what you do after you click > the link. It depends on the way the attack is set up. Some are trying to collect information and those set up a somewhat plausable page or a form that asks you to type some stuff in - usually including information you should never give away. On those that will be the end of it -- that is until you see your bank account emptied and your credit cards maxed out and your car and house owned by someone else, etc, etc. Then there are others that execute some hidden code when you click the link which generally inserts some code on your machine to do things like search for files with sensitive information including Email lists of friends, just outright trash things, put in a keypress recorder that records everything you type and then sends it off to a system that searches the keypress stream for passwords and other sensitive information. There are other schemes they might set up as well to get around encrypted transmissions by inserting either code or replacement addresses. Plus, it could be combinations of these things. So, good that you get rid of them without clicking on them. Too bad some people do click on them and even enter that private information. > > They ask me if they?re legit... (I know... I?m getting tired of it, too.) Yah, I a lot of queries too. You'd think people would catch on. > > But today, when I responded to them... My mail was rejected by > > mx12.mail.msu.edu > mx56.mail.msu.edu > > The message I got back said there was a virus found. > > That?s funny. There was no file attacked to the email. It was a simple > text reply. I don?t even use HTML formats... I have no need for them. Doesn't have to be. If you were replying it may have retained something from the original message, including header info. It could also be some coincidence but that is not likely. ////jerry > > Any idea what?s going on that a simple text mail, with no files, is > getting flagged as a virus? > > Thanks! > > -dak > ________________________________ > This message is only for the intended recipient(s). If you are not the named recipient you should not read, distribute or copy this email. Any views or opinions expressed in this email are those of the author and do not represent those of Michigan State University or the College of Music. Any information obtained from or contained in these emails is confidential. No information will be shared or given to any persons outside of the appropriate department(s).