Upon a rash of exploitation and infections that hit consumers recently, carrying wonderful payloads such as the latest Lockey / Cryptor variant, it is necessary for another blog update. You need to read this.
What I am writing about today is an email that I received the other day. It appears to be from a relative of mine, given the name, yet the address it came from seemed kinda bogus (even though it was at outlook.com). This threw up a red flag.
Questioning further, the Subject was “Fwd: Fwd: to Noah Auman”, indicating that it was sent to him, then forwarded to me (because it had value, was funny, or contained other greatness). The message contents did not reflect this, as there was no additional correspondence or banter included in the body. Another red flag.
All the email read was “I think you will appreciate it” with a web link following. The hyperlink included my actual name at the end, indicating that it was a “personalized” link for me. It seemed like it could be legitimate, but I looked even closer and found that the link was foreign!
The thing to pay attention to is the letters after the “dot” at the end: (known otherwise as) the “dot com” extension.
In the image you will see that this link ends not in .com .net or .us, but rather with “news3631y.ru”. This is a HUGE RED FLAG.
What I need to stress here is this:
Emails scam artists are getting ever more cunning and tricky. The language they use is getting more sophisticated and seemingly more relevant. Every day they learn what works and what doesn’t work, from the masses of internet users blindly clicking their links. By using names you could know, “personalized” links, or tailored linguistics, an attacker can find his way into your PC by just clicking one bad link.
- Look for discrepancies in spelling, in-congruent talk or banter
- Don’t blindly click links. Investigate the address, first.
- Shy away from opening attachments, unless you are expecting receipt and you know they are from a trusted source.
- Obtain better protection like Managed Antivirus with phishing-protection, link-scanning, and content filtering to better protect your PC
- Obtain a Managed Patching service to keep your system immune from exploits and vulnerabilities
Stay vigilant, my friends.