Welcome to WebmasterWorld Guest from 54.205.170.21

Forum Moderators: phranque

Message Too Old, No Replies

IE Based Attacks and Phishing Increasing

   
9:35 pm on Apr 12, 2004 (gmt 0)

WebmasterWorld Administrator brett_tabke is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



[techweb.com...]

According to the Computing Technology Industry Association's (CompTIA) second annual survey on IT security, attacks through the browser -- typically conducted by attackers by enticing users to malicious Web sites by e-mailing or IMing links -- showed the biggest percentage jump of any of the 15 threat categories posed to the nearly 900 IT professionals polled.
10:04 pm on Apr 12, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The part that bothers me is :

"Almost 60 percent of the companies, educational facilities, and government agencies polled said they'd been hit by a severe breach in 2003, “severe” defined as one that caused real harm, resulted in the loss of confidential information, or interrupted operations. "

However it may just be that companies are realising that infections and crashes or user caused interruptions to operations do cost them so they are logging them more.

Its amaxing to me how much time is lost by users themselves not knowing their tools.

12:06 am on Apr 13, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



It's amazing to me that after all the publicity about this sort of thing, some people are STILL dim enough to open attachments, visit sites linked in mail from people they don't know, etc. etc. ad infinitum ad nauseum.

I'm the only one at my workplace (75+ machines) (besides the IT guy!) who did NOT get the last worm that went around - because I installed a separate firewall on my desktop, and because I NEVER OPEN ANYTHING IN THE WAY OF AN ATTACHMENT OR CLICK ON LINKS IN EMAILS. Period.

I don't believe I miss anything really great. I DO miss worms and virii, thank you.

2:13 am on Apr 13, 2004 (gmt 0)

10+ Year Member



I'm the only one at my workplace (75+ machines) (besides the IT guy!) who did NOT get the last worm that went around - because I installed a separate firewall on my desktop

That's fine for you, but let's not forget that a lot of institutions forbid employees installing any type of software without going through the 'proper channels'.

4:55 am on Apr 13, 2004 (gmt 0)

10+ Year Member



I'm not sure how much of this is relevant to this topic, but,

I'm blown away not only by the HUGE spike in spam I've received in the past few weeks but also by all the Virus Laden emails as well (despite all the filters I've in place)

What's more interesting is how many of the latter come from major institutions and local gov't agencies.

Can someone elighten me on this?

7:15 am on Apr 13, 2004 (gmt 0)

10+ Year Member



Spam and virii are rarely sent from who it appears it was sent by.

I mention this only because some may not know this, at least in my organization I have to tell many users repeatedly that, "no, you aren't infected just because you got a bounce from someone saying you sent them a virus". Possibly, but not likely.

Not that major institutions and gov't agencies don't send a lot of spam and such. Having talked to many senior IT peeps at some of these major institutions, I would guess it's because it is much harder to control an environment of 1,000 systems as opposed to 10. Not to mention all the "unclean" laptops coming and going.

One friend that is head of IT security at such a place said their biggest problem in '03 was infected systems brought in by management that was excluded from mandatory disinfection before plugging in.

11:44 am on Apr 13, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The problem are not the users. The phishing emails are very very sophisticated.

It's gotten to the point now that I get real emails from real companies and I am starting to ignore them because I think it's only phishing..

1:44 pm on Apr 13, 2004 (gmt 0)

10+ Year Member



In the last weeks I have been sent virus attachments from: updates@symantec.com, info@info.gov and so on. Did I think any of these were from either the Symantec or the US Government? No - but unfortunately many people would and foolishly open them...
1:49 pm on Apr 13, 2004 (gmt 0)

10+ Year Member



Users better get 'streetsmart' on the net QUICK. I am fed up of seeing PC's laden with multiple viri / spyware etc. It's like people think they are immune.
1:54 pm on Apr 13, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I couldn't care less that people are getting harmed by viruses. What upsets me is that people won't do business because they don't trust people who are legitimately trying to do business.

It does not make sense in anyway shape or form that Soccer moms and Plumbers should become computer scientists in order to participate in the new economy.

1:59 pm on Apr 13, 2004 (gmt 0)

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



this happens in the main because the boxes are sold with fully installed Norton , Panda ,MacaFee, or some other such Horror ( good advertising can sell anything ) ....

In France they even ship with the English language (only ) versions installed ...I get about 5 call outs per week just because the things started up in scan mode on newly bought boxes and the owners think they are infected when they see the word virus on the config screen ..!

try as you might you just cant get people to understand that security on a computer is as important as knowing how to drive before you go on the freeway ..

<<addon after seeing the post above me >>

Some knowledge is a duty ...mom and pop etc can do one hell of a lot of unwitting damage in a DDOS against for instance a hospital using a server run by someone who isn't given the budget to stay on top of the evil script kiddies ....

3:26 pm on Apr 13, 2004 (gmt 0)

10+ Year Member



<<I mention this only because some may not know this, at least in my organization I have to tell many users repeatedly that, "no, you aren't infected just because you got a bounce from someone saying you sent them a virus". Possibly, but not likely. >>

It's because of this that I've now changed my Norton Settings to scan every single early morning as opposed to the weekly scan I had previously.

6:39 pm on Apr 13, 2004 (gmt 0)

10+ Year Member



Nobody in my own family ever knew they had to "Update" Windows or anything else. :(

Even on a cable modem, if someone has Win98 or ME (shudder) the time it takes to update is crazy if they never did it.

Oh, they had no idea they had to update the Virus protection either.

11:08 pm on Apr 13, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Even on a cable modem, if someone has Win98 or ME (shudder) the time it takes to update is crazy if they never did it.

This is even more true with XP and dialup. I have no option BUT dialup, and any time I have to reinstall XP it takes me literally the better part of a weekend to update it.... *sigh*

9:39 pm on Apr 18, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I think there needs to be some real education explaining to amateur windows users (not meant pejoratively, just the way many people are) why they shouldn't open an attachment which arrives in an email from an unknown sender with the words: "Have a look at this - it's really funny!"

It's simply astonishing how many otherwise educated people will open the attachment out of blind curiosity. What on earth do they think the attachment is?

12:28 am on Apr 19, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



What on earth do they think the attachment is?

I don't think you want to know....

1:24 am on Apr 19, 2004 (gmt 0)

10+ Year Member



Greetings and Gidday folks,

in discussion with other folk, a simple solution is proposed:

ALL PC/MAC/Linux boxes (whatever your poison of choice is), MUST be sold with a firewall and antivirus already installed.

The time has come for vendors/resellers/hardware retailers, to protect the rest of us from the clueless newbie! ;)

Hooroo
JP

1:46 am on Apr 19, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



ALL PC/MAC/Linux boxes (whatever your poison of choice is), MUST be sold with a firewall and antivirus already installed.

The time has come for vendors/resellers/hardware retailers, to protect the rest of us from the clueless newbie! ;)

*laughing/applause* Yup. That would be it!

12:10 pm on Apr 19, 2004 (gmt 0)

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



<<ALL PC/MAC/Linux boxes (whatever your poison of choice is), MUST be sold with a firewall and antivirus already installed. >>

as I pointed out earlier in this thread the problem is not that the boxes are not sold with out AV etc ..The problem is the CRAP that is installed in the name of AV ....Its this that makes the majority of users think that they can open anything because their "Norton ","panda" or whatever says its safe ...

Any AV is only worth what you pay and the licencse for a preinstalled Norton or similar is less than A couple of dollars ....What do you expect for that ...HYPE , HYPE and more Hype!....I just took a look.... and of the last 30 Virii sent to me 28 claim to have been passed as clean by the big three AV vendors ....of course that was spoofed aswell .....but ...when I take a copy of the offending mails with attachments and run them at another machine which has these supposed AV's installed 25 get through anyway without ringing a bell ....!

As for phishing ..the best way to aviod it is to tell every newbie that you meet that if the mail asks you to reply to a server that is't "https" ..that it's a scam....

And BTW how many of us that know better have done the "good deed" and made a simple page available on our own site explaining in lay terms basic security and what to watch out for?

1:13 pm on Apr 19, 2004 (gmt 0)

10+ Year Member



Er... no where in the article does it mention Windows or IE.
2:24 pm on Apr 19, 2004 (gmt 0)

WebmasterWorld Senior Member encyclo is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Er... no where in the article does it mention Windows or IE.

But Whippinpost, nobody reads the articles, do they?! ;) I remember a post a few months back by Brett which proved this point.

However, it has to be said that I haven't heard of a phishing scam attacking anything other than IE.

2:21 am on Apr 20, 2004 (gmt 0)

10+ Year Member



Gidday again

>>HYPE , HYPE and more Hype!....I just took a look.... and of the last 30 Virii sent to me 28 claim to have been passed as clean by the big three AV vendors ...

OK, I edited out that the vendors should also explain to the purchaser what the AV and firewall is for, but hardware retailers are notorious for not recognising the value adding that 10 minutes of preventative tutoring can gain in brand building and customer loyality, and that's another topic entirely for the sales and marketing forums! :)

My point is, it's up to us to help educate the newbie about the kinds of nefarious skulkers lurking out there now for the unwary and clueless.

We've obviously been getting through to our customers and online network, about having at least an up to date AV app. and a firewall to reduce the chances they'll get done. For our part, we also have a mail header downloader to filter emails before downloading proper, and of course, we don't use Outlook.

Haven't had an obvious spam/virii email from local contacts in yonks, and can only think of 3 spam headers in the last week or so which looked loaded, but then, we've also got a server side 3rd party filter as well, so I don't even *see* most of the crud these days.

Quadruaple redundancy ... WHOO HOO!

Cheers
JP

8:09 pm on Apr 20, 2004 (gmt 0)

WebmasterWorld Senior Member hobbs is a WebmasterWorld Top Contributor of All Time 10+ Year Member



security on a computer is as important as knowing how to drive before you go on the freeway
It is more like having to learn how to overhaul the engine before leaving your garage!
Hosting companies should seriously start bundling in affordable server level detection, this is where the war should be fought.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month