Quantcast
  1. Sign up now and join over 35,000 northwest gun owners. It's quick, easy, and 100% free!

ATTENTION: Be very careful opening email attachments

Discussion in 'Off Topic' started by Joe Link, Jan 28, 2015.

  1. Joe Link

    Joe Link Portland, OR Well-Known Member Staff Member Lifetime Supporter 2015 Volunteer 2016 Volunteer

    Messages:
    6,246
    Likes Received:
    4,480
    You should always be careful opening email attachments, but I wanted to remind everyone today. As of this morning, I've received three emails that look legitimate but certainly were not. Improperly configured email and DNS servers can allow malicious people to 'spoof' email addresses, making it appear an email came from somewhere it didn't. If you do not know the sender, don't open the attachment. If you do know the sender, it's not a bad idea to contact them (even emailing them back is fine) and make sure they meant to send it to you.

    Yesterday a severe Linux exploit named Ghost was revealed, and it took quite some time for the release of a patch. I'm not sure if this is related, but if it is, we may see more of this in the coming days.

    Anyway, back to the example :)

    Check this out - everything looks correct, including the 'From' address. Note the zip file attached.

    upload_2015-1-28_10-51-17.png

    Taking a closer look at the headers reveals that it actually came from what appears to be a dynamic comporium.net mail server, definitely not efax.

    upload_2015-1-28_10-51-32.png

    I'm not sure what would have happened had I opened this, but I definitely do not want to find out!

    Stay safe everyone.
     
  2. etrain16

    etrain16 Oregon Bronze Supporter Bronze Supporter

    Messages:
    8,469
    Likes Received:
    19,443
    My general rule is - if I'm not expecting an email with an attachment, it never, ever gets opened until I confirm with the sender that it's legitimate. At the company I work for, they have a real problem with stuff like this and the amazing numbers of folks that open them without question.

    Good advice Joe.
     
  3. Monica Cowles

    Monica Cowles Grays Harbor, Washington Member, NRA (Life) USCCA, ACLDN, SAF (Life) Staff Member Silver Supporter

    Messages:
    420
    Likes Received:
    1,207
    I address this threat when I teach the Refuse To Be A Victim seminars...always check out the actual address at the bottom of the email program when you hover over any links within a suspicious or even a 'legitimate looking' email, as well.
    For a while I was getting emails from "Amazon", "FedEx", "LinkedIn" and "UPS"...but the links within the emails did not go to those sites....o_Oo_O
     
  4. 308

    308 ΜOΛΩΝ ΛΑΒΕ ΜOΛΩΝ ΛΑΒΕ Platinum Supporter Silver Supporter

    Messages:
    3,287
    Likes Received:
    6,521
    985 Page Fax =11KB?
    That's a bit odd in and of itself o_O
     
  5. Just Jim

    Just Jim Well-Known Member

    Messages:
    6,828
    Likes Received:
    6,266
    I don't have any financial information on my putor nor any personal information. All they are going to get is what they get from Google or criminals are us.:D If somebody makes a false post in my name I could prove it wasn't me with my Internet service or my history on my putor.

    There has been a lot of talk on other boards about phone calls to get computer information too, I think we should get used to the knowledge that computers are totally insecure. People are always spying so don't leave anything out there to use against you.
     
  6. Stomper

    Stomper Oceania Rising White Is The New Brown Silver Supporter

    Messages:
    12,888
    Likes Received:
    19,464
    Yeah, don't steal and don't spy. The government HATES competition. :rolleyes:o_O
     
  7. BoonDocks36

    BoonDocks36 Oregon, in the boondocks Christian. Conservative. Male.

    Messages:
    1,561
    Likes Received:
    2,174
    My PET Peeve of all ~social media~.... I have Deleted former aquaintances when they did not understand me The Second Time that I want Nothing to Do with LinkedIn... (Hey, I am a nice guy, I'll tell you Twice, that something sux... Then it bye bye email address, and Spam Filter time)!!!!!

    And thanks Joe, for the reminder!!!!

    The other item that PerTurbs me, is EMail jokes, or pass alongs, where there are 99 other To Recipiants!!!! Do people Not Understand how, And WHY, to use BCc??????

    Each and every To: reciepient can have those names spammed off their machines with out even knowing it happens... Not good.

    philip :confused:
     
  8. clearconscience

    clearconscience Vancouver, WA Well-Known Member

    Messages:
    5,551
    Likes Received:
    7,009
    This has been happening at my workplace. I received an email that looked really legit from a vendor of mine saying they attached my bid requested. Since I didn't request a bid I looked up their email and is was the correct email address. I forwarded the email to the vendor with big bold letters saying DO NOT OPEN ATTACHMENT!
    And asked if it was her, of course she didn't send it so I forwarded it our IT department and made them aware.

    Seems like it's becoming more popular to target corporations these days
     
  9. Caveman Jim

    Caveman Jim West of Oly Springer Slayer 2016 Volunteer

    Messages:
    5,218
    Likes Received:
    8,771
    Yep, I wouldn't touch that with a 20' mouse cord!!!!!
     
    Just Jim and BoonDocks36 like this.
  10. The Heretic

    The Heretic Oregon Well-Known Member

    Messages:
    5,036
    Likes Received:
    6,775
    They don't necessarily need your info, they may just want to turn your computer into one of their "zombies" to send out spam, or to use to attack other computers.

    A lot of people's computers are zombies and they don't even know it - they just wonder why their computers run so slow, or turn on in the middle of the night.

    I don't open attachments unless I am expecting them. I also generally don't go to links in emails, even if they look legit. I open a browser window and go to the website by typing in the base URL if I need to do something with a website where I need to enter a password to access something.

    It is funny, over the years (I've been a computer professional for over 30 years), I think I have only been infected twice, maybe 3 times. Once was a from a floppy given to me to test a program as part of my job, the last one was website I visited on a computer that had an old version of Windows and IE so wasn't properly protected. I can't remember if/what was the third one.

    But as soon as I give a computer to someone (I usually give away the some when I get a new one), they manage to bring it to its knees with infections inside a month, sometimes within a week. The two most common vectors are emails and porn sites in my experience.
     
  11. Just Jim

    Just Jim Well-Known Member

    Messages:
    6,828
    Likes Received:
    6,266
    It amazes me that with all the smart computer guys out there they can't stop all the virus crap.
     
    Caveman Jim likes this.
  12. etrain16

    etrain16 Oregon Bronze Supporter Bronze Supporter

    Messages:
    8,469
    Likes Received:
    19,443
    Probably because they're creating the viruses in the first place, just to keep themselves employed ;)
     
    Caveman Jim and albin25 like this.