Full Disclosure mailing list archives
Re: Hey, ya! =))
From: yossarian <yossarian () planet nl>
Date: Wed, 10 Mar 2004 01:34:44 +0100
Well, they do give social engineering a try I got: Hello user of Planet.nl e-mail server, Our antivirus software has detected a large ammount of viruses outgoing from your email account, you may use our free anti-virus tool to clean up your computer software. For more information see the attached file. For security purposes the attached file is password protected. Password is "71643". aMMount? ----- Original Message ----- From: "madsaxon" <madsaxon () direcway com> To: <full-disclosure () lists netsys com> Sent: Tuesday, March 09, 2004 5:58 PM Subject: Re: [Full-disclosure] Hey, ya! =))
At 09:12 AM 3/9/2004 -0600, jeremy () austin ibm com wrote:Any virus that is inside a password protected zip file, and that requires the user to type in the password should never have made it to it's 2nd/3rd infection. This one is social engineering at it's finest.. "Ooooh, a password, what's inside must be secret!" :^)I can't really think of any legitimate reason to pwd-zip an attachment and then include the pwd in plain text in the body. I think it's safe to assume that any such message is malware and discard it as far up the chain as possible. m5x _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Hey, ya! =)) chris (Mar 09)
- Re: Hey, ya! =)) harry (Mar 09)
- Re: Hey, ya! =)) jeremy (Mar 09)
- Re: Hey, ya! =)) madsaxon (Mar 09)
- RE: Hey, ya! =)) joe (Mar 09)
- Re: Hey, ya! =)) yossarian (Mar 09)
- Re: Hey, ya! =)) yossarian (Mar 09)
- Re: Hey, ya! =)) jeremy (Mar 09)
- Re: Hey, ya! =)) harry (Mar 09)