[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 27/11/13 15:37, Neil Winchurst wrote:
Another one I have had numerous examples of over the last couple of days (three so far today!) is an alleged voicemail left for me on Skype. Except I don't use any of the paid Skype services so nobody /could/ have left a message for me. Besides which the person I speak to most on there is my brother, and he has my phone number anyway.On 27/11/13 14:25, John Allsup wrote:Interesting, thank for the info. Since writing the original email I have has some more "DHL" emails. They are getting cross with me because I have not replied to them! To me it was obvious that they were rubbish.Hi, (I'm new to this list BTW.) Got one myself. I'm generally curious, so save the file and use command line utils to inspect them. It contains one file:DHL_id_report_645436435643548574876586556434232346465657865868565456436434535434546754545634636465987686567575465434354235323454658768756865674564364364364346.pdf.exe:which is a (according to the file command): PE32 executable for MS Windows (GUI) Intel 80386 32-bit The basic trick is to use the long filename to hide the extension, and I suspect that it's builtin icon is a PDF file. http://nakedsecurity.sophos.com/2013/03/20/dhl-delivery-malware/ is a short article about it. Suffice to say that the picture there indicates a bad practice with email software: opening images in an HTML file that are from web addresses and the sender is untrusted. (Essentially, if I send you an HTML email that contains an <img href='http://myserver.com/img?ajf80202h02he08h2'> entry, access to this http address can be logged and used as confirmation that the email has been opened. It is a tried and trusted way of spamming long lists of potential email addresses and seeing which ones are likely active. The DHL mail I received contained no images BTW. Anyway, that's what I can make of it, and I'm not letting that Zip file near my Windoze laptop. All the best, John1 DHL do not know any of my email addresses. 2 I am not expecting any parcels. 3 The attachment was a zip file - yeah right.Also as I said before, even if I had been stupid enough to click on the attachment, as I use Linux only I should have been safe. My wife also has her own laptop and is well advised by me to watch out for such trash. And yes, she too is using Linux.Regards Neil
Julian -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq