Malware Alert

14 Mar 2017

There has been a rise in malware emails.  It is very important that you remember to be vigilant about clicking links in emails even if it appears to be from someone you know.  Hackers can make an email address look like is came from someone you know.  This is called spoofing.  Hackers use this technique to lure you into clicking a link that has malicious code waiting on the other end. 

 

Look carefully at the email.  Contextually does it make sense for someone to send you link that is hidden?  If you are not sure call the person before clicking the link.

 

Technically you can look at the header of the email and see what server the email originated from.  This is beyond most users, but it is not difficult to do.  See the email above.  It certainly looks legitimate.  Look at the addresses it is sent to.  Definitely a targeted attack.  We call attempts by hackers to lure you into clicking email link phishing.  Yes it is like fishing, you have bait (the email) and you hope they bite (click the link). 

 

However, looking at the email header you can see the email originated from a server with a .ru extension.  We can look that domain up and see that it is listed as a known malware site.  Yandex.ru comes up in malware listed sites and is the server that sent the email comes from Yandex.ru.  It is too much to ask end users to look at the headers, so we need to educate them on how to click wisely.

 

Hackers continue to use the technique because people keep clicking on the bait.  There is at least one one person in every organization who will click on anything, don't be that person.

 

If you want to learn more about phishing and what you can do check out the anti-phishing work-group (APWG)

 

 

Please reload

Featured Posts

Does Security Awareness Work?

July 18, 2018

1/10
Please reload

Recent Posts

March 9, 2020

Please reload

Archive
Please reload

Search By Tags