Re: [Nolug] Funny email

From: Shannon Roddy <sroddy_at_gmail.com>
Date: Sun, 7 Dec 2008 12:07:16 -0600
Message-ID: <8d48b6ba0812071007r2be72e8fkd6350a86fedb7f1a@mail.gmail.com>

On Sun, Dec 7, 2008 at 12:31 AM, Chris Jones <techmaster@gmail.com> wrote:
> I got this interesting email today from the company that handles
> entergy's online payments:

Hmm.... sounds like the Checkfree domain hijacking:

http://voices.washingtonpost.com/securityfix/2008/12/hackers_hijacked_large_e-bill.html?hpid=sec-tech
http://it.slashdot.org/article.pl?sid=08/12/05/0342202

>
> We take great care to keep your personal information secure. As part
> of these ongoing efforts, we are notifying you that the computer you
> use for online bill payment may be infected with malicious software
> that puts the security of your computer's contents at risk. This
> letter will help you determine if your computer is actually infected
> and advise you how to fix the problem and protect yourself against
> future risk.
>
> The malicious software affects some but not all customers who accessed
> online bill payment on Tuesday, December 2, 2008. For a limited period
> of time, some customers were redirected from the authentic bill
> payment service to another site that may have installed malicious
> software. Your computer may be infected if all of the following are
> true:
>
> * You attempted to access online bill payment between 12:30 a.m.
> and 10:10 a.m. Eastern time (GMT -5) on Tuesday, December 2, 2008, and
> * You were using a computer with the Windows operating system, and
> * You reached a blank screen rather than the usual bill payment
> screen when you attempted to navigate to online bill payment, and
> * After reaching the blank screen, your computer's virus
> protection program did not tell you via pop-up or other messaging that
> malicious software was detected and quarantined.
>
> If all four of the conditions above are true, your computer may be
> infected. We have arranged with McAfee, the world's largest dedicated
> security technology company, to provide you with an assessment of your
> computer's hard drive and remove any malicious software. Please
> contact us at 877-800-4864 for further instructions. We will also
> offer you both advice and free services that can help you mitigate any
> risk you may face as a result of this incident or other everyday
> exposures you may encounter.
>
> We value your business and your trust, and we apologize for any
> inconvenience this recent incident has caused.
>
> Thank you.
>
>
>
> My favorite part of the email is the 2nd bullet. Not only did I not
> go to the web site during their time window...but I generally access
> the web site using UNIX based systems (OSX and Linux), and if I'm in
> Windows, I am almost always using Firefox. I guess I'm not affected.
> So, add another point to the UNIX side of the OS battle.
> ___________________
> Nolug mailing list
> nolug@nolug.org
>
___________________
Nolug mailing list
nolug@nolug.org
Received on 12/07/08

This archive was generated by hypermail 2.2.0 : 12/19/08 EST