Smelly Phish
Posted by Brian Gallutia on Oct 14, 2009
This week e-mail users have been getting bombarded with messages that read like the following:
Dear user of the phoenix-now.com mailing service!
We are informing you that because of the security upgrade of the mailing service your mailbox (your@emailaddress.com) settings were changed. In order to apply the new set of settings click on the following link:
The above is a phishing attack, meant to get you to divulge private information to someone who definitely does not have your best interests at heart.
If you receive something like this and are unsure whether it is valid, please contact us, your Internet Service Provider (ISP) or the mail service provider you use.
Welcome to the party Mac..
Posted by Brian Gallutia on Apr 23, 2009
Macintosh computers are now being targeted by malware writers.
Welcome to the party, Mac users. Your seat is right this way…
On April 1, Mario Ballano Barcena and Alfredo Pesoli claim to have discovered the first Mac zombie botnet in existence. The botnet stems from a Trojan horse embedded in an iWork ’09 trial version that was making the rounds on file-sharing networks. The risk first came to light in January when security firm Intego warned of the potential threat hidden in the files.
I must admit that I am reporting this to you with a small amount of schadenfreude. I don’t have enough fingers on my hands to tell you the number of arguments I’ve gotten into with Mac users on how “stable and secure” a Macintosh computer is. Please allow me this opportunity to use this post as a soapbox for present and future arguments I may get into on this subject…
The real reason that Apple computers are more stable and secure with regards to viral and spyware attacks is for this reason and this reason alone: Mac users are small potatoes.
People lose sight of the fact that virus makers used to be kids in basements trying to see if they could program the next big inconvenience to the most people possible. Now, with the advent of spyware and pop-ups, the reasons are very clear: money and money. As long as there are web site marketers out there that will pay-per-click, there will be virus and spyware writers set on maximizing clicks by putting as many pop-ups in front of your browser as possible.
Now, if you were a virus/spyware writer looking to make a quick buck and you needed to strike as many people as possible in a short amount of time (until someone writes a tool that removes your handiwork), which platform would you choose? Would you choose a computing platform that has less than 3% of the desktop computing market, or would you shoot for the 90th percentile? The answer is obviously the highest percentage of computer users, and those are Windows users.
I said it before and I’ll say it again: Mac’s days of wine and roses are almost over. The bigger Apple gets, the bigger a target they will be for virus writers.
The worst part of all of this is when that day comes, the Mac faithful who have been computing in their iCocoons won’t know how to avoid infection when it comes looking for them. They won’t be prepared for all of the pop-ups and all of the lost productivity hours that a serious case of spyware can manifest.
Don’t fear, Mac users - PCS will be ready to provide assistance when the day of reckoning approaches. We’ve been in the trenches, we know what you’re in for, and yeah, we can help.
See this scar? Yeah, this big one right here? I got that back during the Sasser invasion of 2004…
Malware Alert - Colonial Bank
Posted by Brian Gallutia on Dec 10, 2008
Be aware of a new scam out in the e-mail jungle from “Colonial Bank.” The subject is “Colonial Bank on progress - New Demo Review” and the link takes you to what appears to be a valid site, but when trying to view the demo, you are told to update your Flash player:

The infection-type works just like Koobface, so steer clear of this hack attempt. If you get into trouble, please remember that you can always tap PCS for help.
Malware: UPS Packet Service
Posted by Aaron on Jul 28, 2008
Welcome everyone to the new PCS website. I know the site has been up for a little while now, but since this is my first addition to the blog, I wanted to welcome everyone anyway.
I got an email this morning from “UPS” saying this:
From: UPS Packet Service
Subject: UPS Paket N0143034179
Unfortunately we were not able to deliver postal package you sent on July the 1st in time because the recipient’s address is not correct.
Please print out the invoice copy attached and collect the package at our office
Your UPS
The email was a little bit different than this but the same idea. The email came with an attachment that I was supposed to download and run in order to get my package. This email is actually a virus- and spyware-installing email. I wanted to pass this along because the email almost fooled me. I am actually expecting a package, and when I saw this I wanted to make sure that I was going to receive it. I did not open the attachment and just deleted the email. UPS has released a statement about this here:
http://www.ups.com/content/us/en/about/news/service_updates/virus_us.html
This is also a good time to remind everyone about safe email practices. DO NOT open any attachments from anyone unless you know what the attachment is and are expecting an attachment from that person. It is also good practice to confirm with a contact that they indeed sent you an attachment and that it is safe. The best way to spread a virus is for the virus to send itself to people in your contact list. So if a friend gets infected, it will try to infect you also. If you have further questions, please contact any one of us here at PCS for further help.
