Mom Dodges a Fake Antivirus Bullet

Mark Berry April 21, 2013

Tonight my mom was browsing her local utility’s web site when she got a popup “Message from webpage” that Microsoft Antivirus had found critical activity A “Microsoft Security Essentials Alert” was behind that.

My smart mom put down the mouse, picked up the phone, and called me. When I connected remotely, I found this screen:

Secure Email Signatures in Outlook 2010

Mark Berry April 8, 2013

I don’t come across Secure MIME (S/MIME) signed emails very often so I thought it might be interesting to post a few screenshots of what happens when you receive a signed email.

Fake Facebook Notifications

Mark Berry December 4, 2012

It seems that fake notification emails from social networking sites are the #1 way that spammers and virus writers try to lure you to their sites. Here’s an example of a fake Facebook notification email and how to tell:

Phony AT&T Bill

Mark Berry August 2, 2012

Got a pretty realistic-looking AT&T billing notice this morning. So how to tell it’s phony? Well beside the fact that I’ve never had a $634 phone bill, all you have to do (if you’re using Outlook) is hover the mouse over various links in the email and you’ll see that they do not point to AT&T sites.

Don’t click on the links, and don’t right-click to download pictures.

Getting through Malware Monday

Mark Berry July 7, 2012

A government-supported workaround to the 2007 DNSChanger virus will expire on Monday, July 9, 2012.

To see if your computer is infected, visit www.dns-ok.us.

If you are infected, run a removal tool. There is a list here: www.dcwg.org/fix.

To read more about DNSChanger, see this PCWorld article.

New USPS Shipment Virus Email

Mark Berry April 19, 2012

Here’s a new variation on the airline ticket virus email that I reported on last November. An email supposedly from the United States Postal Service says that I have a parcel waiting in Kansas City, and tells me to open the attached file:

Don’t open the attachment! It’s a virus.

Virus Confirmation

There are several grammatical errors in the email which should make one suspicious. Plus I doubt that the USPS would send an email with zip file attachments. In fact, the USPS has a prominent warning about these emails on their home page that links to this PDF document:

As usual, the icon for the extracted file is disguised to look like a document (in this case PDF), but if you turn off “Hide extensions of known file types” in Windows Explorer > Tools > Folder Options > View, you’ll see that it is actually an executable (.exe) file:

Fortunately, a day and a half after receiving the email, 27 of 42 anti-virus engines are detecting the attachment as a virus, according to VirusTotal:

Microsoft Security Essentials, updated 4/19/2012, catches this one:

Microsoft Security Essentials is free for home use and for small businesses with up to 10 PCs.

Urgent: New Remote Desktop Vulnerability

Mark Berry March 18, 2012

Remote Desktop is used by most IT service firms to do remote computer maintenance. It’s also a great tool for allowing people to work from home. This week, Microsoft disclosed a vulnerability in Remote Desktop that could allow anyone to remotely connect to your computer and run programs.  According to Microsoft, “…due to the attractiveness of this vulnerability to attackers, we anticipate that an exploit for code execution will be developed in the next 30 days.”

Fake LinkedIn Emails

Mark Berry February 6, 2012

Today’s suspicious emails supposedly come from LinkedIn. They look authentic, but the links actually take you away to bogus and potentially malicious web sites.