Welcome to WebmasterWorld Guest from 54.196.68.10

Forum Moderators: phranque

Message Too Old, No Replies

IE Based Attacks and Phishing Increasing

     
9:35 pm on Apr 12, 2004 (gmt 0)

Administrator from US 

WebmasterWorld Administrator brett_tabke is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 21, 1999
posts:38070
votes: 16


[techweb.com...]

According to the Computing Technology Industry Association's (CompTIA) second annual survey on IT security, attacks through the browser -- typically conducted by attackers by enticing users to malicious Web sites by e-mailing or IMing links -- showed the biggest percentage jump of any of the 15 threat categories posed to the nearly 900 IT professionals polled.
10:04 pm on Apr 12, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Nov 15, 2001
posts:1439
votes: 0


The part that bothers me is :

"Almost 60 percent of the companies, educational facilities, and government agencies polled said they'd been hit by a severe breach in 2003, “severe” defined as one that caused real harm, resulted in the loss of confidential information, or interrupted operations. "

However it may just be that companies are realising that infections and crashes or user caused interruptions to operations do cost them so they are logging them more.

Its amaxing to me how much time is lost by users themselves not knowing their tools.

12:06 am on Apr 13, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 19, 2003
posts:1747
votes: 0


It's amazing to me that after all the publicity about this sort of thing, some people are STILL dim enough to open attachments, visit sites linked in mail from people they don't know, etc. etc. ad infinitum ad nauseum.

I'm the only one at my workplace (75+ machines) (besides the IT guy!) who did NOT get the last worm that went around - because I installed a separate firewall on my desktop, and because I NEVER OPEN ANYTHING IN THE WAY OF AN ATTACHMENT OR CLICK ON LINKS IN EMAILS. Period.

I don't believe I miss anything really great. I DO miss worms and virii, thank you.

2:13 am on Apr 13, 2004 (gmt 0)

Junior Member

10+ Year Member

joined:Feb 27, 2003
posts:49
votes: 0


I'm the only one at my workplace (75+ machines) (besides the IT guy!) who did NOT get the last worm that went around - because I installed a separate firewall on my desktop

That's fine for you, but let's not forget that a lot of institutions forbid employees installing any type of software without going through the 'proper channels'.

4:55 am on Apr 13, 2004 (gmt 0)

Junior Member

10+ Year Member

joined:Feb 29, 2004
posts:163
votes: 0


I'm not sure how much of this is relevant to this topic, but,

I'm blown away not only by the HUGE spike in spam I've received in the past few weeks but also by all the Virus Laden emails as well (despite all the filters I've in place)

What's more interesting is how many of the latter come from major institutions and local gov't agencies.

Can someone elighten me on this?

7:15 am on Apr 13, 2004 (gmt 0)

Junior Member

10+ Year Member

joined:Mar 6, 2003
posts:66
votes: 0


Spam and virii are rarely sent from who it appears it was sent by.

I mention this only because some may not know this, at least in my organization I have to tell many users repeatedly that, "no, you aren't infected just because you got a bounce from someone saying you sent them a virus". Possibly, but not likely.

Not that major institutions and gov't agencies don't send a lot of spam and such. Having talked to many senior IT peeps at some of these major institutions, I would guess it's because it is much harder to control an environment of 1,000 systems as opposed to 10. Not to mention all the "unclean" laptops coming and going.

One friend that is head of IT security at such a place said their biggest problem in '03 was infected systems brought in by management that was excluded from mandatory disinfection before plugging in.

11:44 am on Apr 13, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 10, 2004
posts:1342
votes: 0


The problem are not the users. The phishing emails are very very sophisticated.

It's gotten to the point now that I get real emails from real companies and I am starting to ignore them because I think it's only phishing..

1:44 pm on Apr 13, 2004 (gmt 0)

Full Member

10+ Year Member

joined:Mar 7, 2004
posts:285
votes: 0


In the last weeks I have been sent virus attachments from: updates@symantec.com, info@info.gov and so on. Did I think any of these were from either the Symantec or the US Government? No - but unfortunately many people would and foolishly open them...
1:49 pm on Apr 13, 2004 (gmt 0)

Junior Member

10+ Year Member

joined:June 11, 2001
posts:134
votes: 0


Users better get 'streetsmart' on the net QUICK. I am fed up of seeing PC's laden with multiple viri / spyware etc. It's like people think they are immune.
1:54 pm on Apr 13, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 10, 2004
posts:1342
votes: 0


I couldn't care less that people are getting harmed by viruses. What upsets me is that people won't do business because they don't trust people who are legitimately trying to do business.

It does not make sense in anyway shape or form that Soccer moms and Plumbers should become computer scientists in order to participate in the new economy.

1:59 pm on Apr 13, 2004 (gmt 0)

Senior Member from FR 

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 15, 2004
posts:6717
votes: 230


this happens in the main because the boxes are sold with fully installed Norton , Panda ,MacaFee, or some other such Horror ( good advertising can sell anything ) ....

In France they even ship with the English language (only ) versions installed ...I get about 5 call outs per week just because the things started up in scan mode on newly bought boxes and the owners think they are infected when they see the word virus on the config screen ..!

try as you might you just cant get people to understand that security on a computer is as important as knowing how to drive before you go on the freeway ..

<<addon after seeing the post above me >>

Some knowledge is a duty ...mom and pop etc can do one hell of a lot of unwitting damage in a DDOS against for instance a hospital using a server run by someone who isn't given the budget to stay on top of the evil script kiddies ....

3:26 pm on Apr 13, 2004 (gmt 0)

Junior Member

10+ Year Member

joined:Feb 29, 2004
posts:163
votes: 0


<<I mention this only because some may not know this, at least in my organization I have to tell many users repeatedly that, "no, you aren't infected just because you got a bounce from someone saying you sent them a virus". Possibly, but not likely. >>

It's because of this that I've now changed my Norton Settings to scan every single early morning as opposed to the weekly scan I had previously.

6:39 pm on Apr 13, 2004 (gmt 0)

Junior Member

10+ Year Member

joined:Oct 31, 2003
posts:98
votes: 0


Nobody in my own family ever knew they had to "Update" Windows or anything else. :(

Even on a cable modem, if someone has Win98 or ME (shudder) the time it takes to update is crazy if they never did it.

Oh, they had no idea they had to update the Virus protection either.

11:08 pm on Apr 13, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 19, 2003
posts:1747
votes: 0


Even on a cable modem, if someone has Win98 or ME (shudder) the time it takes to update is crazy if they never did it.

This is even more true with XP and dialup. I have no option BUT dialup, and any time I have to reinstall XP it takes me literally the better part of a weekend to update it.... *sigh*

9:39 pm on Apr 18, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Mar 9, 2003
posts:2099
votes: 8


I think there needs to be some real education explaining to amateur windows users (not meant pejoratively, just the way many people are) why they shouldn't open an attachment which arrives in an email from an unknown sender with the words: "Have a look at this - it's really funny!"

It's simply astonishing how many otherwise educated people will open the attachment out of blind curiosity. What on earth do they think the attachment is?

12:28 am on Apr 19, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 19, 2003
posts:1747
votes: 0


What on earth do they think the attachment is?

I don't think you want to know....

1:24 am on Apr 19, 2004 (gmt 0)

Junior Member from AU 

10+ Year Member

joined:Oct 20, 2001
posts:173
votes: 4


Greetings and Gidday folks,

in discussion with other folk, a simple solution is proposed:

ALL PC/MAC/Linux boxes (whatever your poison of choice is), MUST be sold with a firewall and antivirus already installed.

The time has come for vendors/resellers/hardware retailers, to protect the rest of us from the clueless newbie! ;)

Hooroo
JP

1:46 am on Apr 19, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 19, 2003
posts:1747
votes: 0


ALL PC/MAC/Linux boxes (whatever your poison of choice is), MUST be sold with a firewall and antivirus already installed.

The time has come for vendors/resellers/hardware retailers, to protect the rest of us from the clueless newbie! ;)

*laughing/applause* Yup. That would be it!

12:10 pm on Apr 19, 2004 (gmt 0)

Senior Member from FR 

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 15, 2004
posts:6717
votes: 230


<<ALL PC/MAC/Linux boxes (whatever your poison of choice is), MUST be sold with a firewall and antivirus already installed. >>

as I pointed out earlier in this thread the problem is not that the boxes are not sold with out AV etc ..The problem is the CRAP that is installed in the name of AV ....Its this that makes the majority of users think that they can open anything because their "Norton ","panda" or whatever says its safe ...

Any AV is only worth what you pay and the licencse for a preinstalled Norton or similar is less than A couple of dollars ....What do you expect for that ...HYPE , HYPE and more Hype!....I just took a look.... and of the last 30 Virii sent to me 28 claim to have been passed as clean by the big three AV vendors ....of course that was spoofed aswell .....but ...when I take a copy of the offending mails with attachments and run them at another machine which has these supposed AV's installed 25 get through anyway without ringing a bell ....!

As for phishing ..the best way to aviod it is to tell every newbie that you meet that if the mail asks you to reply to a server that is't "https" ..that it's a scam....

And BTW how many of us that know better have done the "good deed" and made a simple page available on our own site explaining in lay terms basic security and what to watch out for?

1:13 pm on Apr 19, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:May 22, 2003
posts:354
votes: 0


Er... no where in the article does it mention Windows or IE.
2:24 pm on Apr 19, 2004 (gmt 0)

Senior Member from CA 

WebmasterWorld Senior Member encyclo is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 31, 2003
posts:9074
votes: 6


Er... no where in the article does it mention Windows or IE.

But Whippinpost, nobody reads the articles, do they?! ;) I remember a post a few months back by Brett which proved this point.

However, it has to be said that I haven't heard of a phishing scam attacking anything other than IE.

2:21 am on Apr 20, 2004 (gmt 0)

Junior Member from AU 

10+ Year Member

joined:Oct 20, 2001
posts:173
votes: 4


Gidday again

>>HYPE , HYPE and more Hype!....I just took a look.... and of the last 30 Virii sent to me 28 claim to have been passed as clean by the big three AV vendors ...

OK, I edited out that the vendors should also explain to the purchaser what the AV and firewall is for, but hardware retailers are notorious for not recognising the value adding that 10 minutes of preventative tutoring can gain in brand building and customer loyality, and that's another topic entirely for the sales and marketing forums! :)

My point is, it's up to us to help educate the newbie about the kinds of nefarious skulkers lurking out there now for the unwary and clueless.

We've obviously been getting through to our customers and online network, about having at least an up to date AV app. and a firewall to reduce the chances they'll get done. For our part, we also have a mail header downloader to filter emails before downloading proper, and of course, we don't use Outlook.

Haven't had an obvious spam/virii email from local contacts in yonks, and can only think of 3 spam headers in the last week or so which looked loaded, but then, we've also got a server side 3rd party filter as well, so I don't even *see* most of the crud these days.

Quadruaple redundancy ... WHOO HOO!

Cheers
JP

8:09 pm on Apr 20, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member hobbs is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Mar 19, 2004
posts:3056
votes: 5


security on a computer is as important as knowing how to drive before you go on the freeway
It is more like having to learn how to overhaul the engine before leaving your garage!
Hosting companies should seriously start bundling in affordable server level detection, this is where the war should be fought.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members