Re: [Nolug] Funny email

From: Petri Laihonen <pietu_at_weblizards.net>
Date: Sun, 07 Dec 2008 12:23:59 -0600
Message-ID: <493C14BF.3060908@weblizards.net>

Ahaa......
I've never liked Network Solutions, and now I like them even less.
(while not directly their fault, article claims.....)

"It appears hackers were able to hijack the company's Web sites by
stealing the user name and password needed to make account changes at
the Web site of Network Solutions, CheckFree's domain registrar."

I assume the methodology behind this attack is also the reason Apple
recommends Mac users to install 2-3 antivirus programs. In an article I
saw few days ago, it strangely sounded like all of them simultaneously.

Petri

Shannon Roddy wrote:
> On Sun, Dec 7, 2008 at 12:31 AM, Chris Jones <techmaster@gmail.com> wrote:
>
>> I got this interesting email today from the company that handles
>> entergy's online payments:
>>
>
> Hmm.... sounds like the Checkfree domain hijacking:
>
> http://voices.washingtonpost.com/securityfix/2008/12/hackers_hijacked_large_e-bill.html?hpid=sec-tech
> http://it.slashdot.org/article.pl?sid=08/12/05/0342202
>
>
>
>
>> We take great care to keep your personal information secure. As part
>> of these ongoing efforts, we are notifying you that the computer you
>> use for online bill payment may be infected with malicious software
>> that puts the security of your computer's contents at risk. This
>> letter will help you determine if your computer is actually infected
>> and advise you how to fix the problem and protect yourself against
>> future risk.
>>
>> The malicious software affects some but not all customers who accessed
>> online bill payment on Tuesday, December 2, 2008. For a limited period
>> of time, some customers were redirected from the authentic bill
>> payment service to another site that may have installed malicious
>> software. Your computer may be infected if all of the following are
>> true:
>>
>> * You attempted to access online bill payment between 12:30 a.m.
>> and 10:10 a.m. Eastern time (GMT -5) on Tuesday, December 2, 2008, and
>> * You were using a computer with the Windows operating system, and
>> * You reached a blank screen rather than the usual bill payment
>> screen when you attempted to navigate to online bill payment, and
>> * After reaching the blank screen, your computer's virus
>> protection program did not tell you via pop-up or other messaging that
>> malicious software was detected and quarantined.
>>
>> If all four of the conditions above are true, your computer may be
>> infected. We have arranged with McAfee, the world's largest dedicated
>> security technology company, to provide you with an assessment of your
>> computer's hard drive and remove any malicious software. Please
>> contact us at 877-800-4864 for further instructions. We will also
>> offer you both advice and free services that can help you mitigate any
>> risk you may face as a result of this incident or other everyday
>> exposures you may encounter.
>>
>> We value your business and your trust, and we apologize for any
>> inconvenience this recent incident has caused.
>>
>> Thank you.
>>
>>
>>
>> My favorite part of the email is the 2nd bullet. Not only did I not
>> go to the web site during their time window...but I generally access
>> the web site using UNIX based systems (OSX and Linux), and if I'm in
>> Windows, I am almost always using Firefox. I guess I'm not affected.
>> So, add another point to the UNIX side of the OS battle.
>> ___________________
>> Nolug mailing list
>> nolug@nolug.org
>>
>>
> ___________________
> Nolug mailing list
> nolug@nolug.org
>
>
___________________
Nolug mailing list
nolug@nolug.org
Received on 12/07/08

This archive was generated by hypermail 2.2.0 : 12/19/08 EST