LISTSERV 16.0 - MSUNAG Archives

On Tue, Aug 10, 2010 at 12:06:31PM -0400, Aldrich, Dak wrote:

> Wow.  New one started today.  Late morning.
> 
> I have been getting faculty, on the MSU mail system, forwarding me those 
> phishing emails... The ones where you have to click a link and...  Well, 
> I?ve never gotten that far, so I don?t know what you do after you click 
> the link.

It depends on the way the attack is set up.  Some are trying to
collect information and those set up a somewhat plausable page
or a form that asks you to type some stuff in - usually including
information you should never give away.   On those that will be 
the end of it -- that is until you see your bank account emptied
and your credit cards maxed out and your car and house owned by
someone else, etc, etc.

Then there are others that execute some hidden code when you click
the link which generally inserts some code on your machine to do
things like search for files with sensitive information including
Email lists of friends, just outright trash things, put in a keypress
recorder that records everything you type and then sends it off to
a system that searches the keypress stream for passwords and 
other sensitive information.

There are other schemes they might set up as well to get around
encrypted transmissions by inserting either code or replacement
addresses.

Plus, it could be combinations of these things.    

So, good that you get rid of them without clicking on them.
Too bad some people do click on them and even enter that private
information.

> 
> They ask me if they?re legit...  (I know... I?m getting tired of it, too.)

Yah, I a lot of queries too.   You'd think people would catch on.

> 
> But today, when I responded to them... My mail was rejected by
> 
> mx12.mail.msu.edu
> mx56.mail.msu.edu
> 
> The message I got back said there was a virus found.
> 
> That?s funny.  There was no file attacked to the email.  It was a simple 
> text reply.  I don?t even use HTML formats... I have no need for them.

Doesn't have to be.  If you were replying it may have retained something
from the original message, including header info.   It could also be some 
coincidence but that is not likely.

////jerry

> 
> Any idea what?s going on that a simple text mail, with no files, is 
> getting flagged as a virus?
> 
> Thanks!
> 
> -dak
> ________________________________
> This message is only for the intended recipient(s).  If you are not the named recipient you should not read, distribute or copy this email.  Any views or opinions expressed in this email are those of the author and do not represent those of Michigan State University or the College of Music.  Any information obtained from or contained in these emails is confidential.  No information will be shared or given to any persons outside of the appropriate department(s).