Comments on: Fake Update for Microsoft Outlook/Outlook Express (KB910721)

By: Emmanuel Carabott

Emmanuel Carabott — Wed, 12 Aug 2009 09:14:19 +0000

Hi Kevin,

Thanks a lot for sharing your cautionary tale with us. You’re right of course; even when you know what to look out for it’s possible to fall victim at times through no fault of your own especially when attacks make use of software vulnerabilities to trigger without any user interaction at all. And unfortunately criminals found numerous ways how to steal in the digital age. In fact I wrote a series about this very subject – if you want to check it out, or anyone else for that matter, it’s called 21st Century Heists and can be accessed in these 3 installments:

http://www.gfi.com/blog/21st-century-heists-part-1/
http://www.gfi.com/blog/21st-century-heists-part-2/
http://www.gfi.com/blog/21st-century-heists-part-3/

Also on the subject is an article on how to protect your business from social engineering attacks:
http://www.gfi.com/blog/security-human-element/

Thanks again for your post

By: Kevin Regan

Kevin Regan — Thu, 06 Aug 2009 10:07:55 +0000

Excellent post – luckily I goggled the information on the e-mail I received and found your excellent analysis.
I am always caution about attachments and downloads of any kind as well as phishing attacks. I downloaded a trojan once and all my key stokes were picked up by an attacker in the midlands area of the UK, it was during the last world cup and I was almost caught, “Off guard”. He managed to take several thousand pounds out of my online bank account, but, I was able to get the bank involved in time and the money was re credited to my account. The online banking systems are fortunately more robust these days and cannot be breached by knowledge of passwords only…
I am a private investigator by the way and despite a good knowledge of the net and its threats I can still get caught out!
Be careful out there!

regards,

Kevin Regan.

By: Emmanuel Carabott

Emmanuel Carabott — Wed, 01 Jul 2009 09:59:16 +0000

Hi Tina,

First step is to verify if you were infected and, if that’s the case, with what malware. Best way to achieve this is to virus scan your machine (ensure you have the latest virus definition files) and if you still have the file you downloaded, try submitting it to virustotal (http://www.virustotal.com/) or a similar service to verify what kind of malware (if any) it is that you might have installed.

If you do not have an antivirus solution but the issue is on your private home system consider using a free anti-virus solution such as AVG (http://free.avg.com/); if it’s not for private use maybe you can use an online anti-virus scan such as that offered by Kaspersky (http://www.kaspersky.com/virusscanner) – it will not clean the infection but at least it should detect it and tell you what it is. Once you know what infection, if any, you are dealing with, you can then decide your next steps. If an infection is confirmed try to limit your machine interaction with your network to prevent the virus from spreading as much as possible.

If you need further help do not hesitate to post more information about what infection we’re dealing with and we can go on from there. Hope this helps and good luck!

By: TIna Ho

TIna Ho — Tue, 30 Jun 2009 17:07:55 +0000

Hi,

If I clicked on it previously, what can I do about it now? to solve or rectify the issue?

Thanks!

By: Jack

Jack — Fri, 26 Jun 2009 10:48:37 +0000

nice catch …social engineering keeps showing it’s head …..very easy to misintepret this for a valid email…95% of users wouldn’t have a clue….
…takes me back to the great old days of I Love You, nimda, klez….

ahh…nostalgia