Full Version: Mail Server Upgrade - Scam email
Alan
I received the email below. Nice scam. It appears to come from the system administrator of my domain name (um, that would be me of course). I hope people are smart enough not to follow through and click on any links.

QUOTE
Attention!

On October 16, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour.
The changes will concern security, reliability and performance of mail service and the system as a whole.
For compatibility of your browsers and mail clients with upgraded server software you should run SSl certificates update procedure.
This procedure is quite simple. All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location. That's all.

<link to exe file removed>

Thank you in advance for your attention to this matter and sorry for possible inconveniences.


System Administrator
mydeal
Any idea what the "patch file" does?
steltek
QUOTE (mydeal @ 10-12-09, 1:10pm) *
Any idea what the "patch file" does?


Probably a bot, trojan, or rootkit. I'd lean towards rootkit simply because they've become all the rage lately with the malware criminals, and some of them are nigh on impossible to remove without a serious investment of time and effort. The average person doesn't have a chance with them, given that a lot of commercial anti-virus and anti-malware stuff out there is ineffective in even recognizing some of the stuff spreading around now as malware, much less removing it.

Alan
QUOTE (steltek @ 10-12-09, 5:43pm) *
QUOTE (mydeal @ 10-12-09, 1:10pm) *
Any idea what the "patch file" does?


Probably a bot, trojan, or rootkit. I'd lean towards rootkit simply because they've become all the rage lately with the malware criminals, and some of them are nigh on impossible to remove without a serious investment of time and effort. The average person doesn't have a chance with them, given that a lot of commercial anti-virus and anti-malware stuff out there is ineffective in even recognizing some of the stuff spreading around now as malware, much less removing it.

I agree. When I get a system that is badly infected I don't think twice about backing up data, wiping the drive and reinstalling everything. Sometimes that takes less time than trying to clean a system. Also, how can we be 100% sure that everything was found and removed? We can't.
mydeal
Thanks. I was being an idiot and thought that it might install some kind of sneaky DNS redirect that would send you to their mail servers instead. Of course it would be much easier to just have malware that doesn't have anything to do with the mail servers at all.
n99nyrwg
Can you PM me the link? I haven't done this yet and don't want my browsers to be incompatible!

That is a pretty well written email though, and it doesn't ask for passwords or anything of that sort. I can see a lot of people falling for this.
Alan
QUOTE (n99nyrwg @ 10-13-09, 10:16am) *
Can you PM me the link? I haven't done this yet and don't want my browsers to be incompatible!

That is a pretty well written email though, and it doesn't ask for passwords or anything of that sort. I can see a lot of people falling for this.

The link is presented here. Turn up the volume and watch through the entire presentation: http://www.youtube.com/watch?v=Yu_moia-oVI
n99nyrwg
QUOTE (Alan @ 10-13-09, 2:11pm) *
QUOTE (n99nyrwg @ 10-13-09, 10:16am) *
Can you PM me the link? I haven't done this yet and don't want my browsers to be incompatible!

That is a pretty well written email though, and it doesn't ask for passwords or anything of that sort. I can see a lot of people falling for this.

The link is presented here. Turn up the volume and watch through the entire presentation: http://www.youtube.com/watch?v=Yu_moia-oVI


haha, I knew what it was, but I still clicked on it. It's one of those songs that puts a smile on my face every time.
dboy
Wow, got like 6 of these at my work email today. The spam filter caught them all, but still...

There were 4 different subject lines, but all about email server changes. Couple claimed to be from the company's domain, couple were not.
wheel
These just started showing up at home. My wife asked about one last night, but she knows not to click without asking.

mydeal
I still haven't seen this. I agree though that it has the potential of fooling a lot more people than the standard spam.