Comments on: A new twist on spam? http://moreati.org.uk/blog/2009/09/24/a-new-twist-on-spam/ A blog about life, technology & databases Thu, 17 Jun 2010 01:50:45 +0000 hourly 1 http://wordpress.org/?v=3.0 By: ambrose http://moreati.org.uk/blog/2009/09/24/a-new-twist-on-spam/comment-page-1/#comment-567 ambrose Mon, 28 Sep 2009 13:34:25 +0000 http://moreati.org.uk/blog/?p=153#comment-567 Yes, correct. They either required you to download an ActiveX control or a Java applet, and I agree that downloading ActiveX is just as dangerous as downloading an exe, but since it is Trend Micro we trusted it. But the point is that the hoax email specifically mentions that the administrator does not allow installation of exe files (which would indeed be a valid concern for a "small centre" because the computer would probably be donated and they probably would have no spare licenses to reinstall Windows); there is no such admin control for ActiveX so the hoax would still sound legit at first glance. BTW, in our case since we do have admin access we just switched to a free scanner (that requires installation). Yes, correct. They either required you to download an ActiveX control or a Java applet, and I agree that downloading ActiveX is just as dangerous as downloading an exe, but since it is Trend Micro we trusted it. But the point is that the hoax email specifically mentions that the administrator does not allow installation of exe files (which would indeed be a valid concern for a “small centre” because the computer would probably be donated and they probably would have no spare licenses to reinstall Windows); there is no such admin control for ActiveX so the hoax would still sound legit at first glance.

BTW, in our case since we do have admin access we just switched to a free scanner (that requires installation).

]]> By: Alex Willmer http://moreati.org.uk/blog/2009/09/24/a-new-twist-on-spam/comment-page-1/#comment-558 Alex Willmer Sun, 27 Sep 2009 23:25:16 +0000 http://moreati.org.uk/blog/?p=153#comment-558 Dougie and ambrose, I agree the question has probably been copied from a genuine enquiry. If the Trend Micro online scan worked as you recall, there was probably an Active-X control involved. The effect is the same as downloading a .exe, a program is downloaded from the website, and runs on your computer. I suggest Avast! anti virus <http://www.avast.com> and using a better web browser, such as Firefox <http://getfirefox.com> or Google Chrome <http://www.google.com/chrome>. If you must use Internet Explorer, please upgrade to version 8.0. Dougie and ambrose, I agree the question has probably been copied from a genuine enquiry. If the Trend Micro online scan worked as you recall, there was probably an Active-X control involved. The effect is the same as downloading a .exe, a program is downloaded from the website, and runs on your computer.

I suggest Avast! anti virus and using a better web browser, such as Firefox or Google Chrome . If you must use Internet Explorer, please upgrade to version 8.0.

]]> By: ambrose http://moreati.org.uk/blog/2009/09/24/a-new-twist-on-spam/comment-page-1/#comment-527 ambrose Fri, 25 Sep 2009 14:25:38 +0000 http://moreati.org.uk/blog/?p=153#comment-527 The question does sound reasonable to me. In fact I asked myself precisely the same question some not-so-long time ago. Trend Micro used to provide an online scan that both (1) works and (2) does not require you to download an exe file. Now the new version requires you to download an exe file, which I don't want. So I would instinctively feel that the question is legit and has come from a former "Housecall" user… The question does sound reasonable to me. In fact I asked myself precisely the same question some not-so-long time ago. Trend Micro used to provide an online scan that both (1) works and (2) does not require you to download an exe file. Now the new version requires you to download an exe file, which I don’t want. So I would instinctively feel that the question is legit and has come from a former “Housecall” user…

]]> By: Dougie http://moreati.org.uk/blog/2009/09/24/a-new-twist-on-spam/comment-page-1/#comment-518 Dougie Thu, 24 Sep 2009 18:28:58 +0000 http://moreati.org.uk/blog/?p=153#comment-518 If you put the text into google there are lots of hits, one of them being Yahoo answers. http://tinyurl.com/ya7gwwu (http://uk.answers.yahoo.com/question/index;_ylt=AhHqDD0QSO2upwtaeGiejfPeMBV.;_ylv=3?qid=20090921021907AArNZwx&show=7#yan-answers) I wonder if this is a hoax based on an original genuine question? The 'smart' thing for the phisher to do, as the asker, would be to recommend the malware website as the best answer, but it doesn't look like they have. If you put the text into google there are lots of hits, one of them being Yahoo answers.
http://tinyurl.com/ya7gwwu (http://uk.answers.yahoo.com/question/index;_ylt=AhHqDD0QSO2upwtaeGiejfPeMBV.;_ylv=3?qid=20090921021907AArNZwx&show=7#yan-answers)

I wonder if this is a hoax based on an original genuine question? The ‘smart’ thing for the phisher to do, as the asker, would be to recommend the malware website as the best answer, but it doesn’t look like they have.

]]> By: felix http://moreati.org.uk/blog/2009/09/24/a-new-twist-on-spam/comment-page-1/#comment-509 felix Thu, 24 Sep 2009 08:20:30 +0000 http://moreati.org.uk/blog/?p=153#comment-509 Interesting, the same mails appeared yesterday on the Gnome Do list. The senders were different (seraklamm69623@gmail.com and javiercoufal22053@gmail.com), but the content is exactly the same. It seems that the enemy is becoming smarter... Interesting, the same mails appeared yesterday on the Gnome Do list. The senders were different (seraklamm69623@gmail.com and javiercoufal22053@gmail.com), but the content is exactly the same. It seems that the enemy is becoming smarter…

]]>