The twist that makes it notable is that the file is zipped and has a password. That means that the content is encrypted. Email and virus scanners, therefore, cannot scan the content of these files and must skip them.
That means, dear reader, that YOU are your own worst enemy. If you are unwary, you put in the password, decrypt the virus and run the program, thinking it has already been scanned. IT HAS NOT BEEN SCANNED!
Don't be fooled.
Most, if not all, reputable services will NOT send you an attachment with executable code.
Exploits are changing quickly. Be wary of anything that seems suspicious. If you are not sure about something, ask someone you trust about it. You can also do what I do when I get something fishy in my email. Use a search engine to see if other people have encountered the same thing. More than likely, others have had your problem and can offer additional information.
For your reference, here is the text of the fake message.
Dear user of Blogpatrol.com, We warn you about some attacks on your e-mail account. Your computer may contain viruses, in order to keep your computer and e-mail account safe, please, follow the instructions. For more information see the attached file. For security reasons attached file is password protected. The password is \"52335\". Cheers, The Blogpatrol.com team http://www.blogpatrol.com Attachment 1 Type: application/octet-stream Filename: TextDocument.zip Encoding: base64 Download
I find the most scary thing about this hoax is how friendly and personal it seems. It comes from a site I trust and seems to be directed right at me. The level of psychology that spammers are using is increasing. It could be that it is only a matter of time before I am fooled too.
No comments:
Post a Comment