[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ARSCLIST] WARNING about a new E-Bay identity theft scam...
----- Original Message -----
From: "Mike Richter" <mrichter@xxxxxxx>
> At 02:59 PM 2/6/2005 -0800, steven austin wrote:
> >Who would consider using any link supplied in an email from someone they
> >don't know personally?
>
> A couple of years ago, PC magazine published a letter of mine on the
> subject. The editor had offered an observation akin to yours and I took
him
> to task. Most infectious agents and increasingly spam, phishing and the
> like come from people you know - or, at least, from e-mail addresses of
> people you are likely to know. As they concurred, safe handling of
> attachments consists of
>
> 0. Discarding any which is not justified on its face or by history.
> 1. Scanning with current anti-intrusion software.
> 2. Viewing before opening.
> 3. Opening with safe tools whenever possible.
>
> Thus, most .DOC files can be opened on a PC with WordPad - which cannot
> execute a macro or otherwise endanger your system. Attachments should be
> examined first in a real file manager, not Explorer, so that the dreaded
> double extension can be seen and killed. Most such file managers have safe
> viewers for common file types.
>
> It all sounds very tedious, but it's not. I'd say that it's at least four
> orders of magnitude easier than cleaning out your first infection and
> probably as much cheaper than regaining a stolen identity.
One other warning! It is not uncommon to see "long filenanes" which, when
viewed in their entirety, are something like:
"MESSAGE.TXT .COM"
Because of the numerous spaces following the apparent extension, this
usually
appears as "MESSAGE.TXT" with the actual executable identity invisible. One
clues is that the File Type will appear as "Application!"
...stevenc
http://users.interlinks.net/stevenc/