Phony AT&T Bill

Mark Berry August 2, 2012

Got a pretty realistic-looking AT&T billing notice this morning. So how to tell it’s phony? Well beside the fact that I’ve never had a $634 phone bill, all you have to do (if you’re using Outlook) is hover the mouse over various links in the email and you’ll see that they do not point to AT&T sites.

Don’t click on the links, and don’t right-click to download pictures.

Phony AT&T Bill 1

More...

Getting through Malware Monday

Mark Berry July 7, 2012

A government-supported workaround to the 2007 DNSChanger virus will expire on Monday, July 9, 2012.

To see if your computer is infected, visit www.dns-ok.us.

If you are infected, run a removal tool. There is a list here: www.dcwg.org/fix.

To read more about DNSChanger, see this PCWorld article.

More...

New USPS Shipment Virus Email

Mark Berry April 19, 2012

Here’s a new variation on the airline ticket virus email that I reported on last November. An email supposedly from the United States Postal Service says that I have a parcel waiting in Kansas City, and tells me to open the attached file:

USPS Virus 1

Don’t open the attachment! It’s a virus.

Virus Confirmation

There are several grammatical errors in the email which should make one suspicious. Plus I doubt that the USPS would send an email with zip file attachments. In fact, the USPS has a prominent warning about these emails on their home page that links to this PDF document:

USPS Virus 2

As usual, the icon for the extracted file is disguised to look like a document (in this case PDF), but if you turn off “Hide extensions of known file types” in Windows Explorer > Tools > Folder Options > View, you’ll see that it is actually an executable (.exe) file:

USPS Virus 5

Fortunately, a day and a half after receiving the email, 27 of 42 anti-virus engines are detecting the attachment as a virus, according to VirusTotal:

USPS Virus 3

Microsoft Security Essentials, updated 4/19/2012, catches this one:

USPS Virus 4

Microsoft Security Essentials is free for home use and for small businesses with up to 10 PCs.

More...

Urgent: New Remote Desktop Vulnerability

Mark Berry March 18, 2012

Remote Desktop is used by most IT service firms to do remote computer maintenance. It’s also a great tool for allowing people to work from home. This week, Microsoft disclosed a vulnerability in Remote Desktop that could allow anyone to remotely connect to your computer and run programs.  According to Microsoft, “…due to the attractiveness of this vulnerability to attackers, we anticipate that an exploit for code execution will be developed in the next 30 days.”

More...

Fake LinkedIn Emails

Mark Berry February 6, 2012

Today’s suspicious emails supposedly come from LinkedIn. They look authentic, but the links actually take you away to bogus and potentially malicious web sites.

More...

New FedEx Virus Email

Mark Berry January 28, 2012

Back in November, I wrote about an airline ticket virus email. Now it’s FedEx:  today I received this email supposedly from FedEx with a zip file attachment:

Fedex Virus 1

If you open the zip file to see the “invoice,” you’ll see what looks like a a PDF file:

Fedex Virus 2

However if you go to Windows Explorer and uncheck “Hide extensions of known file types,” you’ll see that it is actually an executable file:

Fedex Virus 3

Don’t run it! That means don’t double-click on it to “open” it. It’s got to be a virus.

Another clue:  the subject line refers to USPS but the body refers to FedEx.

This virus bypassed the VIPRE anti-virus on my computer. www.virustotal.com shows that only 2 of 43 engines currently recognize it as a virus.

As usual:  if you don’t recognize the sender, or are not expecting the email, don’t open the attachment! In fact, I’d say just don’t open attachments from anyone unless you personally know the sender (e.g. a friend or colleague) and you are expecting them to send you a file. Big companies are not just not sending email with attachments.

More...

New Airline Ticket Virus Email

Mark Berry November 3, 2011

Today I received an email supposedly from American Airlines with an Zip file attachment:

American Airlines ticket virus 1

If you open the zip file, you’ll see what looks like a Word document:

American Airlines ticket virus 2

However if you go to Windows Explorer and uncheck “Hide extensions of known file types,” you’ll see that it is actually an executable file:

American Airlines ticket virus 3

Don’t run it! That means don’t double-click on it to “open” it. It’s got to be a virus.

The scary thing is that this virus was delivered directly to my Outlook inbox. It got past Forefront security on Office 365, and my up-to-date VIPRE anti-virus does not flag it as a virus. When I submitted it to www.virustotal.com, only 1 of 42 engines currently recognized it as a virus.

As usual:  if you don’t recognize the sender, or are not expecting the email, don’t open the attachment!

Update January 16 and 19, 2012:  Several people have asked how to remove this virus, the main effect of which is apparently to hide (but not delete) files on your computer. Thanks to the several posters who have offered suggestions. For example, see these comments below:

  • December 16, 2011 – Susan Green
  • December 16, 2011 – Michael
  • January 6, 2012 – Teresa
  • January 16, 2012 – Shea
  • January 19, 2012 – Bob
  • January 19, 2012 – Mark

Use these procedures at your own risk! If you’re not comfortable with the procedures and especially if you don’t have a good backup of your files, find a professional to help.

More...

“We Are Going to Sue You” Virus Spam

Mark Berry September 26, 2011

A new spam email warns that you will be sued—for sending spam! Don’t worry about being sued, but do worry about opening the attachment that purports to be a scanned document. It’s actually a known virus. The email contains at least one language error, but it’s one that is easy to miss. More info on the websense blog.

More...

About

Welcome to MCB Systems!

MCB Systems is a San Diego-based provider of software and information technology services.

Our software services include customization and programming to make software work for you.

Our proactive I.T. services help businesses control costs by providing a fixed monthly bill for routine I.T. services.

We take a consulting approach that listens first and provides solutions tailored to your business.

Contact MCB Systems today to discuss your technology needs!

Copyright © 2017 MCB Systems. All rights reserved.
Terms of Use - Privacy Policy
Created in WordPress using the Afterburner theme by RocketTheme.