Use care when reading emails with attachements
There is a lot of people complaining about receiving an item in the email box that in some way caused them harm. These unsolicited items are sent to unsuspecting recipients. They may contain a return address, or something else that encourages its receiver to open it. Because we are trusting and curious, this technique called "social engineering" is often effective.
If you remember, in 2001, the so well known, Anthrax letters addressed to United States senators, the envelopes contained a school’s return address as an inducement to open them. By opening the letter and subsequently spreading its lethal contents, the recipient complied with the wishes of the sender, a key foundation of social engineering. In the pre-Anthrax letter days, a mail handler might have given little thought to the contents of the letter or the validity of the return address. Andlet's admit, this type of social engineering worked very well. So I am expecting to work extremely well in the computer area. I am telling you. A lot of people open a little .zip file or a .scr or a .pif file attached to their emails. THAT'S REALLY BAD!!!
You probably receive lots of mail each day, much of it unsolicited and containing unfamiliar but plausible return addresses. I am getting thousands too. Some of this mail tells me that i am the winner of $5.000.000! Yeah! I wish but i am not that stupid to open it. I was never playing to lotto or poker on the net. Others tells me that i am a winner of a contest with the details of a product that I might like. The sender is trying to encourage me to open the letter, read its contents, and interact with them in some way that is financially beneficial – to them. Even today, many of us open letters to learn what we’ve won or what fantastic deal awaits us. Since there are few consequences, there’s no harm in opening them. Well, it is a little problem here. Think. For example, i am opening an email that comes in HTML format. That means that email contain pictures that are hosted to a server somewhere in internet. When I am open that email, the sender will know i did it, and will continue send bulk emails to my address. But this is commercial purpose of unsolicited email.
Another curious thing is: I got email from ... me .. heheh. Yes. Anyone can send email that apears it comes from any email address she wants. Pay attention to this kind of emails. Don't open email that seems to come from yourself unless if you know for sure that you have sent you an email.
The danger comes when we open email's attachements. Email-borne viruses and worms operate much the same way, except there are consequences, sometimes significant ones. Malicious email often contains a return address of someone we know and often has a provocative Subject line. This is social engineering at its finest – something we want to read from someone we know.
Email viruses and worms are fairly common. If you’ve not received one, you will. For sure. As we like to do tests (remember that we have made some tests earlier in other articles about testing antivirus programs and firewalls), we will do some test here to help you decide what to do with every email message with an attachment that you receive. You should only read a message that passes all of the following tests:
1. The KNOW test: Is the email from someone that you know?
2. The RECEIVED test: Did you receiv email from this sender before?
3. The EXPECTt test: Were you expecting email with an attachment from this sender?
4. The SENSE test: Does email from the sender with the contents as described in the Subject line and the name of the attachments make sense? For example, would you expect the sender – let’s say your Boss – to send you an email message with the Subject line “Here you have the description of the job” that contains a message that probably doesn't make sense, with an attachment – let’s say AnnaKournikova.jpg.vbs? In fact, it happens to be an instance of the Anna Kournikova worm, and reading it can damage your home computer.
5. The Virus test: Before you open ANY attachement you should ask yourself: "Does this email contain a virus?" To determine this, you need to install and use an anti-virus program. That task is described in the "Install and Use Anti-Virus Programs" chapter.
Don't forget to do these test to any email you are about to read. If it pass it, very well, go read it! If not, wipe that email. If we take the first letters from every test we will have KRESV. So we and the specialists will call this the KRESV test.
As I am going to finish i'll give you some tips here for the possibility that you will like to start an email conversation with someone that are not your familiare, he/she doesn't know you, so will be very cautious with your email.
So, the recipient doesn't know you. You will have to write an introductory email ONLY with NO ATTACHEMENTS. Basically you are introducing yourself and you are asking his/her permision to send email with attachement. So thell them first, who are you and what do you want to do. Otherwise they will get suspicious with your email.
Hopefully they will respond. If they choose not to receive email with an attachment from you, don’t send them one. If you never hear from them, try your introductory email one more time a little bit later.
If they accept your offer to receive email with an attachment, send it. They will know you and will have received email from you before. They will also expect this email with an attachment, so you’ve satisfied the first three requirements of the KRESV tests.
Whatever you send should make Sense to them. Don’t use a provocative Subject line or any other social engineering practice to encourage them to read your email.
Be sure you scan the files you want to attach first and they are clean.
Well, tell me what you did observe with this little steps? I'll tell you. They follow exactly the KRESV test we have talked about before.
I hope this help you a lot. We will meet probably next week with other hot home computer security subjects. Feel free to let your comments if you don't understand something and i will try to get in touch with you as fast as possible.
Thank you for visiting my computer security blog.
Warmest regards,
J.J.
If you remember, in 2001, the so well known, Anthrax letters addressed to United States senators, the envelopes contained a school’s return address as an inducement to open them. By opening the letter and subsequently spreading its lethal contents, the recipient complied with the wishes of the sender, a key foundation of social engineering. In the pre-Anthrax letter days, a mail handler might have given little thought to the contents of the letter or the validity of the return address. Andlet's admit, this type of social engineering worked very well. So I am expecting to work extremely well in the computer area. I am telling you. A lot of people open a little .zip file or a .scr or a .pif file attached to their emails. THAT'S REALLY BAD!!!
You probably receive lots of mail each day, much of it unsolicited and containing unfamiliar but plausible return addresses. I am getting thousands too. Some of this mail tells me that i am the winner of $5.000.000! Yeah! I wish but i am not that stupid to open it. I was never playing to lotto or poker on the net. Others tells me that i am a winner of a contest with the details of a product that I might like. The sender is trying to encourage me to open the letter, read its contents, and interact with them in some way that is financially beneficial – to them. Even today, many of us open letters to learn what we’ve won or what fantastic deal awaits us. Since there are few consequences, there’s no harm in opening them. Well, it is a little problem here. Think. For example, i am opening an email that comes in HTML format. That means that email contain pictures that are hosted to a server somewhere in internet. When I am open that email, the sender will know i did it, and will continue send bulk emails to my address. But this is commercial purpose of unsolicited email.
Another curious thing is: I got email from ... me .. heheh. Yes. Anyone can send email that apears it comes from any email address she wants. Pay attention to this kind of emails. Don't open email that seems to come from yourself unless if you know for sure that you have sent you an email.
The danger comes when we open email's attachements. Email-borne viruses and worms operate much the same way, except there are consequences, sometimes significant ones. Malicious email often contains a return address of someone we know and often has a provocative Subject line. This is social engineering at its finest – something we want to read from someone we know.
Email viruses and worms are fairly common. If you’ve not received one, you will. For sure. As we like to do tests (remember that we have made some tests earlier in other articles about testing antivirus programs and firewalls), we will do some test here to help you decide what to do with every email message with an attachment that you receive. You should only read a message that passes all of the following tests:
1. The KNOW test: Is the email from someone that you know?
2. The RECEIVED test: Did you receiv email from this sender before?
3. The EXPECTt test: Were you expecting email with an attachment from this sender?
4. The SENSE test: Does email from the sender with the contents as described in the Subject line and the name of the attachments make sense? For example, would you expect the sender – let’s say your Boss – to send you an email message with the Subject line “Here you have the description of the job” that contains a message that probably doesn't make sense, with an attachment – let’s say AnnaKournikova.jpg.vbs? In fact, it happens to be an instance of the Anna Kournikova worm, and reading it can damage your home computer.
5. The Virus test: Before you open ANY attachement you should ask yourself: "Does this email contain a virus?" To determine this, you need to install and use an anti-virus program. That task is described in the "Install and Use Anti-Virus Programs" chapter.
Don't forget to do these test to any email you are about to read. If it pass it, very well, go read it! If not, wipe that email. If we take the first letters from every test we will have KRESV. So we and the specialists will call this the KRESV test.
As I am going to finish i'll give you some tips here for the possibility that you will like to start an email conversation with someone that are not your familiare, he/she doesn't know you, so will be very cautious with your email.
So, the recipient doesn't know you. You will have to write an introductory email ONLY with NO ATTACHEMENTS. Basically you are introducing yourself and you are asking his/her permision to send email with attachement. So thell them first, who are you and what do you want to do. Otherwise they will get suspicious with your email.
Hopefully they will respond. If they choose not to receive email with an attachment from you, don’t send them one. If you never hear from them, try your introductory email one more time a little bit later.
If they accept your offer to receive email with an attachment, send it. They will know you and will have received email from you before. They will also expect this email with an attachment, so you’ve satisfied the first three requirements of the KRESV tests.
Whatever you send should make Sense to them. Don’t use a provocative Subject line or any other social engineering practice to encourage them to read your email.
Be sure you scan the files you want to attach first and they are clean.
Well, tell me what you did observe with this little steps? I'll tell you. They follow exactly the KRESV test we have talked about before.
I hope this help you a lot. We will meet probably next week with other hot home computer security subjects. Feel free to let your comments if you don't understand something and i will try to get in touch with you as fast as possible.
Thank you for visiting my computer security blog.
Warmest regards,
J.J.
posted by J.J. | 1:58 PM
1 Comments:
Hi, J.J..I was just searching blogs,and I found your site! I like it!
If you have a moment, please visit my site:
handheld computers
It covers handheld computers related stuff.
All the best!
Post a Comment
<< Home