Archive for the ‘Phishing’ Category

This Phishing Scam Email Is Legit

Tuesday, April 16th, 2013

I recently finished reading Mandiant‘s fantastic APT1 Report. One of the gems is on page 29, which details some of the tactics used by phishing attacks carried out by APT1, (speculated to be the elite cyber-attack wing of the Chinese military). (more…)

LinkedIn Scam of the Day

Tuesday, September 4th, 2012

We recently handled an incident response case where our client was infected by malware which was delivered by email. The client plead ignorance, and asked “how can we tell what is real and what is a virus?” Here’s a quick tip to do just that!

For starters, several email clients and web browsers will show you the address of a link before you click on it… provided you take a few seconds and look before clicking! Most people just click away without giving a second thought, which is like running out across the street and then, if ever, looking to see if there is any oncoming traffic, so try to resist that urge and put safety first.

Here’s a sample “LinkedIn” notification I just received.

Suspicious "LinkedIn" Email

(more…)

Why Am I Getting “Email Rejected” or Undeliverable Messages?

Monday, April 16th, 2012

Every now and then we get a call from a client, telling us that they are receiving messages stating that their emails are being rejected, or “bouncing.” The catch? They never sent the email in the first place. So what’s going on?

Although we don’t see as much of this as we did several years back, what’s often happening is that someone else, with whom the client has corresponded, has a virus-infected computer, and that machine is sending out junk email (or viruses), purporting to be our client.

Forging an email, purporting to be someone whom you are not, is trivial, and unless you and/or your email provider have taken steps to secure your systems and your domain, anyone with a little know-how can easily send email as anyone, including you.

In the following graphic, we see an example, where Joe@example.com corresponds with Sally@example.net. An Evil Badguy manages to insert a virus onto Sally’s computer, and it starts to send out spam and viruses. But, this virus is smart! It doesn’t send the emails as Sally – it sends them emails as some random recipient in Sally’s address book, in this case, Joe. When Bob receives “Joe’s” email, he emails Joe to complain, but Joe has no idea what’s going on. He’s even scanned his computer for viruses and found no sign. In an effort to prevent this, Joe could set up an SPF record on his domain, example.com, so that only authorized computers could send emails claiming to be example.com, which could help cut down this sort of behavior.

3rd party virus emails

3rd party virus emails

If you think you are the victim of such a charade, contact us to see how Paradigm can help shield your domain from these attacks.

Phishing Scam du Jour

Sunday, April 24th, 2011

Today I found this little gem in my inbox. Rather than repeating the text, I’ll just put the actual image, which I received, embedded in the body of the email. The hardest thing to believe is that people are still actually falling for these things.

WINNER OF 2010 FIFA WORLD CUP