December 2006 ~ Computer Support - Rated E for Everyone

Supporting tech-nol-o-gy. Yep, that's a computer alright.

Nevermind about the fact that this bl0gger happens to have my name. Maybe I'll have to have a talk (email) with him/her about that. There could be only ONE!

There are some pretty interesting and cool p0sts on this bl0g. The guy actually posts about equipment that he comes accross while doing his tech support job. The computing equipment varies. Sometime is could be dekstops then servers or networking equipment like Adtran routers which he has a nice post on.

He even has some posts on software, registry hacks and even has some software reviews. I particularly liked the one that compares GFI Faxmaker with Captaris Rightfax. These two software packages are on opposite ends of the cost scale but also on the opposite end of features too.

A new variation of an old theme, the trojan name has changed, the file attachment name has changed, but the delivery is the same old played out method of sending a virus or trojan, as an email attachment - how boring.

The people who create some of the viruses I think a very creative in getting there junk software out to the masses. As much as I don't like what they do and how they do it, in fact I consider it a form of torture for regular computer users, they are very good at it.

The newest version, really just another variation of the same old method of spreading their bad software, was today. A desktop user reported to me that they received an email that looked legitimate but because most of my users have been well trained to expect the unexpected when it comes to email scams, questioned the legitimacy of the email and notified me of it.

The subject contained the following:

Re: Mail server report

Which in appearance looks like most real messages sent from email servers. Very bland with no distinguishable characteristics to let the user know that it's really from their own server.

Then the body:

Our firewall determined the e-mails containing worm copies are being sent from your computer.

Nowadays it happens from many computers, because this is a new virus type (Network Worms).

Using the new bug in the Windows, these viruses infect the computer un-noticed. After the penetrating into the computer the virus harvests all the e-mail addresses and sends the copies of itself to these e-mail addresses

Please install updates for worm elimination and your computer restoring.

Best regards,
Customers support service

Attachment: Update-KB2703-x86

The attachment even looks like a Microsoft file name - similar but not real. To more experienced people most network administrators they would look at this and see that is was bogus as I did. But to an ordinary user or a less experienced admin, this attachment may very well be clicked on.

About the body, well if you heard enough language accents you would realize that this was written by someone with and accent. The most obvious clue that this isn't legitimate is that real updates don;t some through email and I don't know of anyone who would email another person a software update when they know they can be retrieved online very easily from Microsoft's update service.

It does look good though and even if many scanners would catch the virus as the file was unzipped and run, there are those that have outdated software and would get infected. Just as this email was sent from an infected computer. Then the chain continues on.

A simple rule is, don't open zip files from people you don't know...period. My users are aware of this that they don't open a thing and I have less trouble with outbreaks because of this basic training.

Computer Support - Rated E for Everyone

Thursday, 28 December 2006

Supporting tech-nol-o-gy. Yep, that's a computer alright. - Powered By Bloglines

How do you cost-effectively provide remote support?

Tuesday, 5 December 2006

Another email trojan sent as attachment.

Popular Posts

Categories

Blog Archive

About Me