New FedEx Virus Email

Mark Berry January 28, 2012

Back in November, I wrote about an airline ticket virus email. Now it’s FedEx:  today I received this email supposedly from FedEx with a zip file attachment:

Fedex Virus 1

If you open the zip file to see the “invoice,” you’ll see what looks like a PDF file:

Fedex Virus 2

However, if you go to Windows Explorer and uncheck “Hide extensions of known file types,” you’ll see that it is actually an executable file:

Fedex Virus 3

Don’t run it! That means don’t double-click on it to “open” it. It’s got to be a virus.

Another clue:  the subject line refers to USPS but the body refers to FedEx.

This virus bypassed the VIPRE anti-virus on my computer. www.virustotal.com shows that only 2 of 43 engines currently recognize it as a virus.

As usual: if you don’t recognize the sender, or are not expecting the email, don’t open the attachment! In fact, I’d say just don’t open attachments from anyone unless you personally know the sender (e.g. a friend or colleague) and you are expecting them to send you a file. Big companies are just not sending email with attachments.
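The Explorer check above can also be done without opening the attachment at all. The following is an added example, not part of the original post: it lists a zip's members and reports any that Windows would execute, noting names that imitate a document. The file names in the sample archive are constructed, and the extension lists are an assumed subset.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed subset of extensions Windows runs on double-click; extend for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js", ".lnk"}
# Document types a lure typically imitates, used to spot names like "x.pdf.exe".
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg"}


def inspect_zip(data: bytes) -> list[dict]:
    """List archive members Windows would execute, without extracting any of them."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Windows drops trailing dots and spaces, so "a.exe." still runs as "a.exe".
            name = PurePosixPath(info.filename.replace("\\", "/")).name.rstrip(". ")
            suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
            if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
                continue
            magic = None  # stays None when the member is encrypted and unreadable
            if not info.flag_bits & 0x1:
                with zf.open(info) as fh:
                    magic = fh.read(2)
            findings.append({
                "name": name,
                "double_extension": len(suffixes) > 1 and suffixes[-2] in DOCUMENT_EXTS,
                "pe_header": magic == b"MZ",  # Windows PE files start with "MZ"
            })
    return findings


def build_sample() -> bytes:
    """Constructed test archive: harmless stub bytes, made-up file names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("FedEx_Invoice.pdf.exe", b"MZ" + b"\x00" * 62)
        zf.writestr("readme.txt", b"plain text")
        zf.writestr("Ticket.exe", b"MZ" + b"\x00" * 62)
    return buf.getvalue()


if __name__ == "__main__":
    for finding in inspect_zip(build_sample()):
        print(finding)
```

Because the check looks only at names and the first two bytes, it works even when, as in this case, few anti-virus engines recognize the file yet.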


New Airline Ticket Virus Email

Mark Berry November 3, 2011

Today I received an email supposedly from American Airlines with a zip file attachment:

American Airlines ticket virus 1

If you open the zip file, you’ll see what looks like a Word document:

American Airlines ticket virus 2

However, if you go to Windows Explorer and uncheck “Hide extensions of known file types,” you’ll see that it is actually an executable file:

American Airlines ticket virus 3

Don’t run it! That means don’t double-click on it to “open” it. It’s got to be a virus.

The scary thing is that this virus was delivered directly to my Outlook inbox. It got past Forefront security on Office 365, and my up-to-date VIPRE anti-virus does not flag it as a virus. When I submitted it to www.virustotal.com, only 1 of 42 engines currently recognized it as a virus.

As usual:  if you don’t recognize the sender, or are not expecting the email, don’t open the attachment!

Update January 16 and 19, 2012:  Several people have asked how to remove this virus, the main effect of which is apparently to hide (but not delete) files on your computer. Thanks to the several posters who have offered suggestions. For example, see these comments below:

  • December 16, 2011 – Susan Green
  • December 16, 2011 – Michael
  • January 6, 2012 – Teresa
  • January 16, 2012 – Shea
  • January 19, 2012 – Bob
  • January 19, 2012 – Mark

Use these procedures at your own risk! If you’re not comfortable with the procedures and especially if you don’t have a good backup of your files, find a professional to help.


Anatomy of a Hacked Web Site

Mark Berry June 15, 2011

Today I visited www.dmachoice.org, the web site of the Direct Marketing Association, intending to update my opt-out preferences. I was surprised when one of the pages took me off their site to a third-party page. When it happened a second time, I started looking for signs that the site had been hacked.

