
Fwd: [CSSAMSU] Computer attack

---------- Forwarded message ----------
From: Jerry McAllister <jerrymc@msu.edu>
Date: Tue, Dec 13, 2011 at 10:26 AM
Subject: [CSSAMSU] Computer attack
To: CSSAMSU@list.msu.edu


Hello everyone,

Some of the same old bad news:

There is yet another attack going around the net.
It has an attachment that will attempt to install malicious software
on your computer if you even look at the attachment.

There may be several variations, but the general pattern is that
it attempts to look like a message from an airline claiming the
attachment is ticket information or a ticket receipt, etc.  The
name of the airline and the specifics of what it says about the
attachment may vary.

Anyway, do NOT click on or open the attachment.   Actually you should
not even look at the Email message.   If you have already done so, then
shut off your computer and unhook it from the net and from wireless.
Run anti-virus software or bring it in to the help room on the first
floor of the Computer Center to get it cleaned up.

At the end of this message, I will put a copy of one variation of
the message (without the attachment) and include part of the Email
header such as the subject line.

Note that the To: lists several miscellaneous possible addresses.
Of course, no real program would have a real ticket information
message sent to several addresses.

Secondly, although I did not include that part of the Email header,
the actual from address is not American Airlines.

So, if you get a message that looks something like this, do NOT
even look at it.  Just throw it away.   You could send a copy
to the Attorneys General fraud office, but they see a lot of them.

Good luck,

////jerry

  sample malicious attack message follows
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

From: "American Airlines" <support@aa.com>
To: "<"<flourry1@msu.edu>, <flowerst@msu.edu>, <goodhear@msu.edu>,
       <murph101@msu.edu>, <jerrymc@msu.edu>
Subject: ORDER ID: 498223308, American Airlines
Date: Tue, 13 Dec 2011 15:52:04 +0100

[-- Attachment #1 --]
[-- Type: multipart/alternative, Encoding: 7bit, Size: 1.1K --]

FLIGHT NUMBER A236DJ
ELECTRONIC 6982549242
DATE & TIME / DECEMBER 18, 2011, 6:28 PM
ARRIVING / NEW YORK JFK
TOTAL PRICE / 254.46 USD

Please find your ticket attached.
To use your ticket you should print it.
Thank you for using our airline company services.
American Airlines.

================================================================
To Subscribe or Unsubscribe CSSAMSU mailing list, please go to:

    http://list.msu.edu/archives/cssamsu.html

Click "Join or leave the list". For further assistance, please
contact Jerry McAllister jerrymc@msu.edu
================================================================
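
The header clues called out in the message above (a "receipt" addressed to several unrelated people, a visible From that is not the real sender, and an attachment) can be checked mechanically at triage time. The following is an added example, not part of the forwarded e-mail or of any MSU tooling. The sample message, its addresses and its Return-Path value are constructed, and treating Return-Path as the real sender is an assumption about how the receiving server records it.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample modelled on the forwarded message; every address and the
# Return-Path are placeholders, not values taken from the original e-mail.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
From: "American Airlines" <support@aa.com>
To: <user1@example.edu>, <user2@example.edu>, <user3@example.edu>,
    <user4@example.edu>, <user5@example.edu>
Subject: ORDER ID: 000000000, American Airlines
Content-Type: multipart/mixed; boundary="b"

--b
Content-Type: text/plain

Please find your ticket attached.
--b
Content-Type: application/zip
Content-Disposition: attachment; filename="ticket.zip"

(placeholder)
--b--
"""

def domain(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def triage(raw, max_recipients=1):
    """Return the names of the indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    hits = []
    # Indicator 1: a personal ticket receipt addressed to several people at once.
    rcpts = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    if len([a for _, a in rcpts if a]) > max_recipients:
        hits.append("multiple_recipients")
    # Indicator 2: visible From domain differs from the recorded sender domain
    # (assumption: the receiving server stored the envelope sender in Return-Path).
    from_dom = domain(parseaddr(msg.get("From", ""))[1])
    env_dom = domain(parseaddr(msg.get("Return-Path", ""))[1])
    if from_dom and env_dom and from_dom != env_dom:
        hits.append("from_envelope_mismatch")
    # Indicator 3: the message carries an attachment.
    if any(p.get_content_disposition() == "attachment" for p in msg.walk()):
        hits.append("has_attachment")
    return hits
```

Legitimate bulk mail often has a Return-Path on a different domain than From, so the mismatch is only meaningful in combination with the other two indicators.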
