While I can not imagine living without the now age old Internet tool known as email, using email can be dangerous to the health of your computer. Fortunately there is a simple rule that can prevent most attacks dressed up and disguised as email.
NEVER, NEVER, NEVER open an email attachment in which you are not absolutely sure of its content. Did I say NEVER?
Here at Gossamer we run the very best virus scanning software (CLAMAV) and spam detection software (SPAMASSASSIN) offered by the OpenSource community. Every day thousands of virus and spam laden email is detected and rejected by our email server.
In addition, we have added an additional layer of prevention provided by automatically monitoring the sources of detected virus and spam generators and blocking their IP addresses. Our blocked (blackhole) list of IP addresses contains, on average, some 50,000 IP addresses from all over the globe. Our blackhole is updated every few minutes.
In addition, we permanently block all IP addresses that generate email using a spoofed address under our control.
Recently we have seen a number of Trojan horses preying on popular social media networking sites like Facebook and MySpace along with a few emails dressed up as coming from Microsoft’s Exchange email server, an email server which we do not use or recommend.
A recent popular version of delivering a trojan horse has been dressed up as a request to update your Facebook account agreement.
Dear Facebook user,
Due to Facebook policy changes, all Facebook users must submit a new, updated account agreement, regardless of their original account start date. Accounts that do not submit the updated account agreement by the deadline will have restricted.
Please unzip the attached file and run “agreement.exe” by double-clicking it.
Thanks,
The Facebook TeamConfirmation Code #: 60768260508
Aside from the quick clue consisting of a grammatical error, and the fact that the email address is not used with a Facebook account; a quick google foo reveals that the attachment provided, disguised as an update to your account agreement, is a trojan known as either the Trojan.Sasfis.A (BitDefender), W32/Sasfis.E (F-Prot) or Trojan:Win32/Oficla.E (Microsoft).
While it is impossible to detect and deny delivery of all harmful email, notably attacks that are very, very new, you can protect yourself by following a very simple rule.
NEVER, NEVER, NEVER open an email attachment in which you are not absolutely sure of its content. Did I say NEVER?