homepage Welcome to WebmasterWorld Guest from 54.227.67.175
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe to WebmasterWorld

Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque & physics

Webmaster General Forum

    
IE Based Attacks and Phishing Increasing
Brett_Tabke




msg:392000
 9:35 pm on Apr 12, 2004 (gmt 0)

[techweb.com...]

According to the Computing Technology Industry Association's (CompTIA) second annual survey on IT security, attacks through the browser -- typically conducted by attackers by enticing users to malicious Web sites by e-mailing or IMing links -- showed the biggest percentage jump of any of the 15 threat categories posed to the nearly 900 IT professionals polled.

 

Mark_A




msg:392001
 10:04 pm on Apr 12, 2004 (gmt 0)

The part that bothers me is :

"Almost 60 percent of the companies, educational facilities, and government agencies polled said they'd been hit by a severe breach in 2003, “severe” defined as one that caused real harm, resulted in the loss of confidential information, or interrupted operations. "

However it may just be that companies are realising that infections and crashes or user caused interruptions to operations do cost them so they are logging them more.

Its amaxing to me how much time is lost by users themselves not knowing their tools.

vkaryl




msg:392002
 12:06 am on Apr 13, 2004 (gmt 0)

It's amazing to me that after all the publicity about this sort of thing, some people are STILL dim enough to open attachments, visit sites linked in mail from people they don't know, etc. etc. ad infinitum ad nauseum.

I'm the only one at my workplace (75+ machines) (besides the IT guy!) who did NOT get the last worm that went around - because I installed a separate firewall on my desktop, and because I NEVER OPEN ANYTHING IN THE WAY OF AN ATTACHMENT OR CLICK ON LINKS IN EMAILS. Period.

I don't believe I miss anything really great. I DO miss worms and virii, thank you.

sidewinder




msg:392003
 2:13 am on Apr 13, 2004 (gmt 0)

I'm the only one at my workplace (75+ machines) (besides the IT guy!) who did NOT get the last worm that went around - because I installed a separate firewall on my desktop

That's fine for you, but let's not forget that a lot of institutions forbid employees installing any type of software without going through the 'proper channels'.

cyberfyber




msg:392004
 4:55 am on Apr 13, 2004 (gmt 0)

I'm not sure how much of this is relevant to this topic, but,

I'm blown away not only by the HUGE spike in spam I've received in the past few weeks but also by all the Virus Laden emails as well (despite all the filters I've in place)

What's more interesting is how many of the latter come from major institutions and local gov't agencies.

Can someone elighten me on this?

warlordbb




msg:392005
 7:15 am on Apr 13, 2004 (gmt 0)

Spam and virii are rarely sent from who it appears it was sent by.

I mention this only because some may not know this, at least in my organization I have to tell many users repeatedly that, "no, you aren't infected just because you got a bounce from someone saying you sent them a virus". Possibly, but not likely.

Not that major institutions and gov't agencies don't send a lot of spam and such. Having talked to many senior IT peeps at some of these major institutions, I would guess it's because it is much harder to control an environment of 1,000 systems as opposed to 10. Not to mention all the "unclean" laptops coming and going.

One friend that is head of IT security at such a place said their biggest problem in '03 was infected systems brought in by management that was excluded from mandatory disinfection before plugging in.

blaze




msg:392006
 11:44 am on Apr 13, 2004 (gmt 0)

The problem are not the users. The phishing emails are very very sophisticated.

It's gotten to the point now that I get real emails from real companies and I am starting to ignore them because I think it's only phishing..

christopher w




msg:392007
 1:44 pm on Apr 13, 2004 (gmt 0)

In the last weeks I have been sent virus attachments from: updates@symantec.com, info@info.gov and so on. Did I think any of these were from either the Symantec or the US Government? No - but unfortunately many people would and foolishly open them...

electro




msg:392008
 1:49 pm on Apr 13, 2004 (gmt 0)

Users better get 'streetsmart' on the net QUICK. I am fed up of seeing PC's laden with multiple viri / spyware etc. It's like people think they are immune.

blaze




msg:392009
 1:54 pm on Apr 13, 2004 (gmt 0)

I couldn't care less that people are getting harmed by viruses. What upsets me is that people won't do business because they don't trust people who are legitimately trying to do business.

It does not make sense in anyway shape or form that Soccer moms and Plumbers should become computer scientists in order to participate in the new economy.

Leosghost




msg:392010
 1:59 pm on Apr 13, 2004 (gmt 0)

this happens in the main because the boxes are sold with fully installed Norton , Panda ,MacaFee, or some other such Horror ( good advertising can sell anything ) ....

In France they even ship with the English language (only ) versions installed ...I get about 5 call outs per week just because the things started up in scan mode on newly bought boxes and the owners think they are infected when they see the word virus on the config screen ..!

try as you might you just cant get people to understand that security on a computer is as important as knowing how to drive before you go on the freeway ..

<<addon after seeing the post above me >>

Some knowledge is a duty ...mom and pop etc can do one hell of a lot of unwitting damage in a DDOS against for instance a hospital using a server run by someone who isn't given the budget to stay on top of the evil script kiddies ....

cyberfyber




msg:392011
 3:26 pm on Apr 13, 2004 (gmt 0)

<<I mention this only because some may not know this, at least in my organization I have to tell many users repeatedly that, "no, you aren't infected just because you got a bounce from someone saying you sent them a virus". Possibly, but not likely. >>

It's because of this that I've now changed my Norton Settings to scan every single early morning as opposed to the weekly scan I had previously.

WebBender




msg:392012
 6:39 pm on Apr 13, 2004 (gmt 0)

Nobody in my own family ever knew they had to "Update" Windows or anything else. :(

Even on a cable modem, if someone has Win98 or ME (shudder) the time it takes to update is crazy if they never did it.

Oh, they had no idea they had to update the Virus protection either.

vkaryl




msg:392013
 11:08 pm on Apr 13, 2004 (gmt 0)

Even on a cable modem, if someone has Win98 or ME (shudder) the time it takes to update is crazy if they never did it.

This is even more true with XP and dialup. I have no option BUT dialup, and any time I have to reinstall XP it takes me literally the better part of a weekend to update it.... *sigh*

ronin




msg:392014
 9:39 pm on Apr 18, 2004 (gmt 0)

I think there needs to be some real education explaining to amateur windows users (not meant pejoratively, just the way many people are) why they shouldn't open an attachment which arrives in an email from an unknown sender with the words: "Have a look at this - it's really funny!"

It's simply astonishing how many otherwise educated people will open the attachment out of blind curiosity. What on earth do they think the attachment is?

vkaryl




msg:392015
 12:28 am on Apr 19, 2004 (gmt 0)

What on earth do they think the attachment is?

I don't think you want to know....

jpalmer




msg:392016
 1:24 am on Apr 19, 2004 (gmt 0)

Greetings and Gidday folks,

in discussion with other folk, a simple solution is proposed:

ALL PC/MAC/Linux boxes (whatever your poison of choice is), MUST be sold with a firewall and antivirus already installed.

The time has come for vendors/resellers/hardware retailers, to protect the rest of us from the clueless newbie! ;)

Hooroo
JP

vkaryl




msg:392017
 1:46 am on Apr 19, 2004 (gmt 0)

ALL PC/MAC/Linux boxes (whatever your poison of choice is), MUST be sold with a firewall and antivirus already installed.

The time has come for vendors/resellers/hardware retailers, to protect the rest of us from the clueless newbie! ;)

*laughing/applause* Yup. That would be it!

Leosghost




msg:392018
 12:10 pm on Apr 19, 2004 (gmt 0)

<<ALL PC/MAC/Linux boxes (whatever your poison of choice is), MUST be sold with a firewall and antivirus already installed. >>

as I pointed out earlier in this thread the problem is not that the boxes are not sold with out AV etc ..The problem is the CRAP that is installed in the name of AV ....Its this that makes the majority of users think that they can open anything because their "Norton ","panda" or whatever says its safe ...

Any AV is only worth what you pay and the licencse for a preinstalled Norton or similar is less than A couple of dollars ....What do you expect for that ...HYPE , HYPE and more Hype!....I just took a look.... and of the last 30 Virii sent to me 28 claim to have been passed as clean by the big three AV vendors ....of course that was spoofed aswell .....but ...when I take a copy of the offending mails with attachments and run them at another machine which has these supposed AV's installed 25 get through anyway without ringing a bell ....!

As for phishing ..the best way to aviod it is to tell every newbie that you meet that if the mail asks you to reply to a server that is't "https" ..that it's a scam....

And BTW how many of us that know better have done the "good deed" and made a simple page available on our own site explaining in lay terms basic security and what to watch out for?

TheWhippinpost




msg:392019
 1:13 pm on Apr 19, 2004 (gmt 0)

Er... no where in the article does it mention Windows or IE.

encyclo




msg:392020
 2:24 pm on Apr 19, 2004 (gmt 0)

Er... no where in the article does it mention Windows or IE.

But Whippinpost, nobody reads the articles, do they?! ;) I remember a post a few months back by Brett which proved this point.

However, it has to be said that I haven't heard of a phishing scam attacking anything other than IE.

jpalmer




msg:392021
 2:21 am on Apr 20, 2004 (gmt 0)

Gidday again

>>HYPE , HYPE and more Hype!....I just took a look.... and of the last 30 Virii sent to me 28 claim to have been passed as clean by the big three AV vendors ...

OK, I edited out that the vendors should also explain to the purchaser what the AV and firewall is for, but hardware retailers are notorious for not recognising the value adding that 10 minutes of preventative tutoring can gain in brand building and customer loyality, and that's another topic entirely for the sales and marketing forums! :)

My point is, it's up to us to help educate the newbie about the kinds of nefarious skulkers lurking out there now for the unwary and clueless.

We've obviously been getting through to our customers and online network, about having at least an up to date AV app. and a firewall to reduce the chances they'll get done. For our part, we also have a mail header downloader to filter emails before downloading proper, and of course, we don't use Outlook.

Haven't had an obvious spam/virii email from local contacts in yonks, and can only think of 3 spam headers in the last week or so which looked loaded, but then, we've also got a server side 3rd party filter as well, so I don't even *see* most of the crud these days.

Quadruaple redundancy ... WHOO HOO!

Cheers
JP

Hobbs




msg:392022
 8:09 pm on Apr 20, 2004 (gmt 0)

security on a computer is as important as knowing how to drive before you go on the freeway
It is more like having to learn how to overhaul the engine before leaving your garage!
Hosting companies should seriously start bundling in affordable server level detection, this is where the war should be fought.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved