As always be very careful when you get an e-mail that you don't expect. Just last week my own wife sent me a video via e-mail and the first thing I did was call her and ask if she had sent it to me. It turns out she had but it could easily be an e-mail containing Spam/malware like the latest storm being reported on by the Internet Storm Center.
Storming into April on Fools Day
http://isc.sans.org/diary.html?storyid=4222
Here are some subject lines to watch out for (there may be more variations):
- All Fools' Day
- Doh! All's Fool
- Doh! April's Fool.
- Gotcha!
- Gotcha! All Fool!
- Gotcha! April Fool!
- Happy All Fool's Day.
- Happy All Fools Day!
- Happy All Fools!
- Happy April Fool's Day.
- Happy April Fools Day!
- Happy Fools Day!
- I am a Fool for your Love
- Join the Laugh-A-Lot!
- Just You
- One who is sportively imposed upon by others on the first day of April Surprise!
- Surprise! The joke's on you.
- Today You Can Officially Act Foolish
- Today's Joke!
The download is a binary, also with varying names:
foolsday.exe
funny.exe
kickme.exe
In your e-mail it will look something like this:
April Fool's Day http://276.233.234.297 <= This is an invalid link intended to be harmless
CudaMail blocks .EXE attachments by default so anyone using our CudaMail managed anti-spam service is not going to be getting any of the malware payloads but some of the links may slip through.
We are blocking new variants as quickly as they are discovered but the best defense is to be educated to not click on unsolicited links.
Consider yourself educated. :)
- Shaun
No comments:
Post a Comment