Better, just train families and users to *never* click *any* link in *any* message from *anyone*. Then follow that up by never including links in your own messages, and scolding anyone who sends you a message that contains a link. That's pretty much my strategy. I might include links in messages to known tech-savvy recipients who know me and who are expecting such a link from me; for others, on the rare occasions that I include a link, I also tell them to not click on the link that I just posted, but instead to type in the address themselves to their browsers and then follow the path from there. But then I am not a cyber security expert, so what do I know? -- dkm At 3/9/2012 10:06 AM Friday, Loren LaLonde wrote: >To Mr. Oas - Hilarious. > >It looks like we'll have to start training our >families and users to pay attention to where a >link points, and remind them to never click on >anything that ends in .exe, .vb*, and all that >good stuff too. This one is particularly >authentic looking since they copied the actual >UPS copyright content, and the format is pretty >similar to the real thing. Except I've never >seen an invoice link, and delivery confirmations always include your address. > >I might as well get ready to be on call with the >relatives for this one. Anyone know which virus >or exploit they're using so I can have the cleanup instructions handy? > >On 3/8/2012 4:00 PM, Jon Galbreath wrote: >>Yup, the page itself has links that go to some >>Java-enabled something or other. I didn’t wait >>around to see what materialized. Fortunately >>Java is so slow there’s time to close the page >>before you find out what’s in store. I’m guessing it’s evil. >> >>Jon Galbreath, MCSE >>Systems Administrator >>International Studies and Programs >>Helpdesk: 517-884-2148 >>Ph: 517-884-2144 >><mailto:[log in to unmask]>[log in to unmask] >> >>From: Laurence Bates [<mailto:[log in to unmask]>mailto:[log in to unmask]] >>Sent: Thursday, March 08, 2012 3:59 PM >>To: <mailto:[log in to unmask]>[log in to unmask] >>Subject: [MSUNAG] FW: UPS Delivery >>Notification, Tracking Number B80F119957814DA9 >> >>This looks like a particularly dangerous email >>load – a credible looking web page attachment >>which offers an executable “invoice” Unless I >>am mistaken, this could catch quite a few users. >> >>Laurence >> >>From: UPS Quantum View [mailto:[log in to unmask]] >>Sent: Thursday, March 08, 2012 1:49 PM >>To: <mailto:[log in to unmask]>[log in to unmask] >>Subject: UPS Delivery Notification, Tracking Number B80F119957814DA9 >> >> >>You have attached the invoice for your package delivery. >> >>Thank you, >>United Parcel Service >> >>*** This is an automatically generated email, please do not reply ***