[pchelpers] Re: warning from Australian Computer Emergency Response Team
- From: John Durham <john.modec@xxxxxxxxxx>
- To: pchelpers@xxxxxxxxxxxxx
- Date: Tue, 26 Sep 2006 07:31:03 +1200
Ekhart GEORGI (last name last) wrote:
> Quoted from
> http://www.auscert.org.au/render.html?it=6771
> New trojan spam targeting unpatched Internet Explorer VML vulnerability
>
> OVERVIEW
> A new spam email purporting to be from the Commonwealth Bank of
> Australia directs unsuspecting users to sites that use the recently
> discovered unpatched Internet Explorer VML processing vulnerability [1]
> to attempt to install malware. At the moment this appears to be
> wide-spread with well over 1000 emails reported in a single organisation.
>
> IMPACT
> Users who follow the links contained within the email with a vulnerable
> version of Internet Explorer may become infected with an unknown trojan.
> As this trojan is linked to an email referencing a financial institution
> it is likely it will attempt to steal authentication details for the
> purpose of financial fraud.
I have filtered a number of these already. For those in the unique
position of actually being customers of this bank, please note:
This message was broadcast using a wide variety of email addresses, many
created systematically. By using a utility line mailwasher, it is
possible to make a filter to protect against it which I have named "Not
to me".
In it, use conditions like the "To field" + "does not contain" +
"john.modec@xxxxxxxxxx" and repeat the conditions to cover all your
legitimate email addresses. Select "all conditions must be satisfied"
before OKing the filter.
Most randomly addressed mail will fail to pass this filter since it has
to be addressed specifically to you to be legitimate.
--
Regards, John Durham <http://modecideas.com/contact.html?sig>
ICQ number 112663246
Fax/Phone 64 4 5286786
Award winning web site at http://modecideas.com?sig
Order my latest e-book at http://modecideas.com/dmaxhits.htm?sig
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Good advice is like good paint- it only works if applied.
--
-------list-services-below-----------
Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
Freelists login at http://www.freelists.org/cgi-bin/lsg2.cgi
List archives at http://www.freelists.org/archives/pchelpers
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Latest news live feeds at http://modecideas.com/indexhomenews.htm?sig
Good advice is like good paint- it only works if applied.
- References:
- [pchelpers] warning from Australian Computer Emergency Response Team
- From: Ekhart GEORGI (last name last)
Other related posts:
- » [pchelpers] warning from Australian Computer Emergency Response Team
- » [pchelpers] Re: warning from Australian Computer Emergency Response Team
- [pchelpers] warning from Australian Computer Emergency Response Team
- From: Ekhart GEORGI (last name last)