 garys_2k
join:2004-05-07 Farmington, MI
·Future Nine Corpor..
·Vonage
| reply to avd706 Re: Information of your Transactions /Phishing+Malware attack
Asking people to sign into a "secure" web page is, IMHO, asking for trouble. Too easy to send a phish email that looks like that and includes a "helpful" link to their spoof site.
I guess that, to me, sending the last few digits of the CC number is better than sending a likely bad web link. At least the CC number gives legitimacy as to who sent it. |
|
  avd706 insert annoying animated gif here Premium join:2003-02-06 Union, NJ
| reply to avd706 This is new from AmEx
I just have a problem of them sending details over email, which I consider insecure. I would prefer they ask me to login to their online services webpage and then give me a notification.
-- Team JON. |
|
  antiphishing Phishing Scam Terminator Premium join:2004-06-09 Wilkes Barre, PA
| reply to DC DSL
said by avd706: The problem is that the users have a (false) reason to believe that this email is from a reputable source.
said by DC DSL: Maybe if there weren't so many people who don't know how to read or write there'd be less gullibility. Pathetic spelling and grammar are always dead giveaways that a message is suspect.
A lot of naive internet users will miss those clues like bad spelling or poor grammar because they panic out of fear (bias) first rather than realize the obvious things which should trigger the right response, not react on impulse which then makes them fall for the bait. (social engineering 101) --
Specializing in "takes downs" of phishing and advance fee scams Send your Phishing/Advance fee scams to: phish@antihotmail.com »www.phishtank.com »www.fraudwatchers.org
|
|
  antiphishing Phishing Scam Terminator Premium join:2004-06-09 Wilkes Barre, PA
| reply to avd706
said by Virus123: Oh it's malware... I actually have a user that clicked on it. I'm working with Symantec to diagnose and resolve.
said by antiphishing: You need to educate that users about clicking on links or attachments in spam (junk email) from users that they don't know or have any relations to. This is the only way to stop the ongoing problem of users' computers being infected and then turned into zombie machines or in this case, used in a phishing attempt.
said by avd706: The problem is that the users have a (false) reason to believe that this email is from a reputable source.
But most reputable sources, like banks, will suspend your account so that you have to call them.
Naive Internet users have to realize that a reputable company will NOT contact you about a problem, and they certainly will not do it in an insecure way by sending you an email with an attachment. This is where educating naive computer users has to apply. --
Specializing in "takes downs" of phishing and advance fee scams Send your Phishing/Advance fee scams to: phish@antihotmail.com »www.phishtank.com »www.fraudwatchers.org
|
|
  DC DSL Stays crunchy even in milk Premium join:2000-07-30 Washington, DC
·Covad Communications
·Verizon Online DSL
| reply to avd706
said by avd706: The problem is that the users have a (false) reason to believe that this email is from a reputable source.
Maybe if there weren't so many people who don't know how to read or write there'd be less gullibility. Pathetic spelling and grammar are always dead giveaways that a message is suspect. -- There is no giant fur-bearing trout. |
|
  avd706 insert annoying animated gif here Premium join:2003-02-06 Union, NJ
| reply to antiphishing
said by Virus123: Oh it's malware... I actually have a user that clicked on it. I'm working with Symantec to diagnose and resolve.
said by antiphishing: You need to educate that users about clicking on links or attachments in spam (junk email) from users that they don't know or have any relations to. This is the only way to stop the ongoing problem of users' computers being infected and then turned into zombie machines or in this case, used in a phishing attempt.
The problem is that the users have a (false) reason to believe that this email is from a reputable source. -- Team JON. |
|
  antiphishing Phishing Scam Terminator Premium join:2004-06-09 Wilkes Barre, PA
| reply to Virus123
said by Virus123: Oh it's malware... I actually have a user that clicked on it. I'm working with Symantec to diagnose and resolve.
You need to educate that users about clicking on links or attachments in spam (junk email) from users that they don't know or have any relations to.
This is the only way to stop the ongoing problem of users' computers being infected and then turned into zombie machines or in this case, used in a phishing attempt. --
Specializing in "takes downs" of phishing and advance fee scams Send your Phishing/Advance fee scams to: phish@antihotmail.com »loudobbs.tv.cnn.com/ »fraudwatchers.org/forums/
|
|
 MGD Premium,MVM join:2002-07-31 Fort Lauderdale, FL
| reply to kevyip1 It is possible that your copy of the virus was detected during email processing. Upload your copy of the file to Virus Total for analysis: »www.virustotal.com/ Request a fresh analysis if they show a previous submit. That way you can see if the total detections has increased from the original 6.
It will also confirm whether you have a live or neutered copy of the virus.
MGD |
|
 kevyip1
join:2003-03-25
| reply to MGD FWIW, my avast just got the 6/17 definition and it still didn't detect anything.
Could bogus viruses be sent out? If the intent was to waste our time figuring it out, sending us bogus viruses would be one way to do it.
I've received harmless .exe files before in which months later my virus scanners still couldn't detect anything. |
|
 MGD Premium,MVM join:2002-07-31 Fort Lauderdale, FL
| reply to kevyip1 According to the Virus Total report:

Avast was not one of the 6 AVs that detected it. While it did list Symantec detection version 1.4.4.12 as flagging it, I am not sure if that is the current definition that Yahoo is using.
Based on the distributed submits many AV's will update definitions to include this detection.
From time to time there are discrepancies between VT's list of detections and the real world version results, in that AVs that are not listed as catching a virus in fact are.
MGD |
|
 kevyip1
join:2003-03-25
| reply to avd706
said by kevyip1: Is it really a malware or not? ... I asked why NAV at YM didn't detect anything.
said by avd706: To answer your second question: because AV software sucks and is a waste of system resources.
But the virustotal report mentioned upthread says Symantec should detect it as Infostealer.Bancos.C. |
|
  avd706 insert annoying animated gif here Premium join:2003-02-06 Union, NJ
1 edit | reply to kevyip1
said by kevyip1: Is it really a malware or not? ... I asked why NAV at YM didn't detect anything.
To answer your second question: because AV software sucks and is a waste of system resources.
-- Team JON. |
|
 kevyip1
join:2003-03-25
| reply to avd706
said by avd706: how many word formatted attachments are also executable files?
I know what Word files look like. That was not the question I asked. I asked why NAV at YM didn't detect anything. |
|
  Virus123
@xo.net | reply to antiphishing Oh it's malware... I actually have a user that clicked on it. I'm working with Symantec to diagnose and resolve. |
|
  avd706 insert annoying animated gif here Premium join:2003-02-06 Union, NJ
| reply to kevyip1 how many word formatted attachments are also executable files? -- Team JON. |
|
  avd706 insert annoying animated gif here Premium join:2003-02-06 Union, NJ
| reply to Doctor Four
said by Doctor Four: Obvious social engineering malware ploy. No real credit card holder is going to email you about suspicious transactions - they will always call you. At least this is what has happened with me on two separate occasions.
They stop my card and send me an email to call them. I hate that. -- Team JON. |
|
 kevyip1
join:2003-03-25
| reply to MGD Norton AV at Yahoo mail didn't find anything in report-8977.exe. Screenshot: »img87.imageshack.us/img87/8579/y···il01.jpg
As I said, avast also didn't find anything.
Is it really a malware or not? |
|
  antiphishing Phishing Scam Terminator Premium join:2004-06-09 Wilkes Barre, PA
| reply to Doctor Four
said by Doctor Four: Obvious social engineering malware ploy. No real credit card holder is going to email you about suspicious transactions - they will always call you. At least this is what has happened with me on two separate occasions.
In my opinion, there are a lot of naive internet users out there that would install this malware and/or give up their credit card numbers by reading an email that utilizes Social Engineering. --
Specializing in "takes downs" of phishing and advance fee scams Send your Phishing/Advance fee scams to: phish@antihotmail.com »loudobbs.tv.cnn.com/ »fraudwatchers.org/forums/
|
|
  DC DSL Stays crunchy even in milk Premium join:2000-07-30 Washington, DC
·Covad Communications
·Verizon Online DSL
| reply to antiphishing FYI, the header from the one I got is:
-- There is no giant fur-bearing trout. |
|
  Doctor Four My other vehicle is a TARDIS Premium join:2000-09-05 Dallas, TX
·AT&T U-Verse
| reply to antiphishing Obvious social engineering malware ploy. No real credit card holder is going to email you about suspicious transactions - they will always call you. At least this is what has happened with me on two separate occasions. -- "The trouble with computers, of course, is that they are very sophisticated idiots." - Doctor Who (from Robot)
|
|