PCA SDR

The PCA email entitled "May 11, 2010: PCA's 2010 Member Only Raffle" has links that take you to pages with Virus's embedded in them. Fortunatly my antivirus caught them.

Just an FYI on this same topic, there is a DHL e-mail that looks official with tracking number etc. regarding a missed delivery. For those that have packages delivered frequently, this could be a problem as the attachment is a virus. Luckily my spyware/virus protection caught it. These ^&%$^&%* with nothing better to do are using legit companies more and more to try and infect your computer.

SDGT3 wrote:Just an FYI on this same topic, there is a DHL e-mail that looks official with tracking number etc. regarding a missed delivery. For those that have packages delivered frequently, this could be a problem as the attachment is a virus. Luckily my spyware/virus protection caught it. These ^&%$^&%* with nothing better to do are using legit companies more and more to try and infect your computer.

Yes, I got one from "UPS" stating a "failed delivery notice" with an executable file attached. Someone is seriously phishing out there.

Dan Chambers wrote:

SDGT3 wrote:Just an FYI on this same topic, there is a DHL e-mail that looks official with tracking number etc. regarding a missed delivery. For those that have packages delivered frequently, this could be a problem as the attachment is a virus. Luckily my spyware/virus protection caught it. These ^&%$^&%* with nothing better to do are using legit companies more and more to try and infect your computer.

Yes, I got one from "UPS" stating a "failed delivery notice" with an executable file attached. Someone is seriously phishing out there.

"Executable" now THAT is the key word!!!

You'll appreciate this one Dan, being an old football player and all.... At a post game interview, John McKay of the lowly Tampa Bay Bucs was asked by a reporter, "What do you think about your team's execution today". Calmly, McKay responded, "I'm all for it"... I'm not far behind when it comes to these hackers/viral infectors.

Most of those are pretty obvious phishing attempts. It is a rare week when I don't get at least some or all of these in my spam trap:
DHL missed delivery (these have been around for a few years...)
Need to update your firewall
Need to change your Facebook password
Need to change your Myspace password
Need to change your Twitter password
Important information about your <bank name here> account

Virtually all of those are captured by my Yahoo.mail spam filter, and the ones that aren't are usually easily spotted by checking the "real" link path (don't click on the link - instead, right-click on the link, copy, and paste into Notepad to see the real path.). When you see that the path isn't "delivery@dhl.com" (like it shows in the body of the message), but instead is "delivery@dhl.com.mysecretsite.com", that is a clue!

My issue is with the companies (particularly some banks and credit unions) which aren't helping by sending out legitimate e-mails with links through third-party servicing agencies, especially for surveys or offers of new services. If a legitimate e-mail from a bank contains links through these weird third-party sites, how can you tell a valid message from a spoof? I wrote a complaint to Union Bank on this a little over a year ago and at least they took it seriously. I got a nice response acknowledging that I had a good point, and I haven't seen them do it again.

And if anyone actually clicks on links from the sex and drugs sites, etc., well - DUH! You deserve to get hit with a virus. As long a there are even a few people who do respond to spam, it will encourage the barrage to continue.

By the way, an interesting (if chilling) article on "spear-phishing" (very targeted phishing attacks) found that they were able to get 45-50% of targeted people to enter their company user ids and passwords into a bogus web page. http://www.darkreading.com/blog/archives/2010/03/facebook_as_a_s.html;jsessionid=3ATUGNRCPY5GRQE1GHRSKH4ATMY32JVN One of the facets of the trick was to get a bogus site name that looked enough like the home company site name so as to convince users it was sponsored by the company. I.e., if you worked for SAIC, they might have a site "www.Benefits-SAIC.com". When users went there (after on-line discussions on Facebook), they got a login page that looked like their home company page, but after entering their company user id/password, they got "page under construction" or "page not found" errors, not realizing their real company accounts had now been compromised.

While I agree with everything you good folks have said, what seemed the central issue is that this is the "Porsche Club of America" email from pca@multibriefs.com; that I get every week or so. With the Pelician Parts ad at the top. I thought, perhaps incorectly, that this was generated by the PCA national site, as it always has article links pertaining to PCA events.

I've been getting those for some time, but I've never clicked on a link. You might forward it to PCA and ask them if it's from them or not. Either way, they will want to know if someone is phishing with copied PCA content, or if their newsletter is infected...