The high-profile phishing campaign targeting the private Gmail accounts of government officials and political activists is part of a wider pattern of attacks also targeting Hotmail and Yahoo! Mail, according to net security firm Trend Micro. Trend said that whether or not the attacks were related, they were all aimed towards …
They really want my spam??
as it is the only thing sent to likes of Yahoo? I'll forward it for them, they just have to ask ;-)
Is this largely an IE based attack?
While it is possible the phising attacks are probably quite well crafted, am I right in believing the res:// protocol is a windows/IE only trick?
Another good reason not to use IE at all, even if you are dedicated to using Windows for other reasons?
(And before the trolls come out, yes I know all OS are vulnerable to some degree, more so for Trojans, but indulge me this fanboi-baiting luxury given Windows 99.95%+ share of current malware)
no... all browsers capable of running on Windows are vulnerable
You're right about the res:// protocol being a Windows only "feature", but due to the CSS flaw of the bug in question, all browsers that can run on Windows are potentially vulnerable, especially as it exploits a hole in all versions of Adobe Flash.
Emails with Faked From-Addresses
Re: "The malicious email, which posed as a message from the Facebook security team"
Here at 1USA.Com, our mail servers check to make sure that the From-Address, Mail-From address, Return-Path address and Reply-To address are legitimate for the mail server that's sending the email, and that the IP address of the sending mail server resolves.
As a result, our 1usa.com customers get no spams in their In-Box... unless they invite them in.
There are protocols to determine if an email is legitimate or not. One is called SPF and the other one that's used by Gmail, Hotmail and Yahoo is called Domain Keys.
Just having a Domain Key in the header of an email does not indicate that the email is legitimate though.
1USA.Com has this wonderful mail server that stops spams... but most people would rather go get a 'free' throw-away email account from some other mail server host, then gripe when their bank account is cleaned out. Maybe they need to take Email more seriously... and switch their email service.
Reading PA USA
- Pics Facebook's Oculus unveils 360-degree VR head tracking Crescent Bay prototype
- Teardown Pop open this iPhone 6 and see where the magic oozes from ... oh hello again, Qualcomm
- Analysis Apple's warrant canary riddle: Cock-up, conspiracy, or anti-Google point-scoring
- Bargain basement iPhone shoppers BEWARE! eBay exposes users to phishing vuln
- Something for the Weekend, Sir? Oh God the RUBBER on my SHAFT has gone wrong and is STICKING to things