virus - at the customs house
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Re: virus - at the customs house
virus - at the customs house
25-07-2008 4:54 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
The title was something about picking up a parcel from customs. I blocked it and have deleted it but can someone tell me what if any danger there is in opening the mail rather than the attachment? I assume it is the attachment that usually brings with it the danger of infection? I did open the mail and there was a zip file attached which I left well alone......
Re: virus - at the customs house
25-07-2008 5:46 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Depends how you feel, it is best to look at the program under outlook express by right clicking and then select profile, then source, this will allow you to look at the source without opening it.
AVG8 detects the virus within the zip and quarantines it
The Subject has been UPS, just had one from
* "Willa Barrera" Allegiant Air <cbnwr@bleuquest.com>
The subject line of the mail received was:
* Your order from {airlines} N2028271
Re: virus - at the customs house
26-07-2008 12:26 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
They are really nice people at HMRC
puddy
Re: virus - at the customs house
26-07-2008 9:11 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: pierre_pierre Depends how you feel, it is best to look at the program under outlook express . . .
Errm, no bro! It is best not to use Outlook Express at all!
Most mail clients these days can be configured to not fetch files from the Internet (images, scripts, etc.) embedded in links within an html email message. I think that in MSWindows mail clients you have to change the settings to 'untrusted zone'. Unless you have that setting configured in your Outlook Express it will open up anything and everything . . . Also, the Auto-preview feature means that Outlook Express will run the lot before you double click on the message to open it. Of course, safer clients like e.g. Thunderbird, Eudora, Pegasus, etc. have that setting set by default and they will not download files from links. I recall that at some point in history, an MSWindows update changed that setting to not open links by default in Outlook Express - but you better check.
If you are suspicious that a message is dodgy and you want to see what's in it, then you can set up your mail client to only display messages in plain text.
Similarly, most webmail implementations are configured not to open links. Opening your messages in a correctly configured webmail is the best solution because you are not downloading anything to your PC and you are not running anything locally.
So in conclusion, the best solution would be to use webmail, after you configure it to not download embedded html links, or to only display messages in plain text.
Second best would be to use a mail client which is safer that the MSWindows offers of products and to similarly configure it to not download embedded html links, or to only display messages in plain text. Thunderbird is a good one.
HTH.
Re: virus - at the customs house
26-07-2008 9:44 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: virus - at the customs house
26-07-2008 9:47 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote If you are suspicious that a message is dodgy and you want to see what's in it, then you can set up your mail client to only display messages in plain text.
That unfortunately wont stop the zip attachment coming through, then the unwary might open the zip
Re: virus - at the customs house
26-07-2008 9:51 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote Unfortunately we were not able to deliver postal package you sent on July the 1st in time
because the recipient's address is not correct.
Please print out the invoice copy attached and collect the package at our office
Your UPS
Viruses found in the attached files.
The file invoice_8712.zip: Trojan horse SHeur.BYKQ. The attachment was removed from the mail.
Checked by AVG - http://www.avg.com
Version: 8.0.138 / Virus Database: 270.5.5/1570 - Release Date: 7/24/2008 6:59 AM
Plain text download lucky for AVG
Re: virus - at the customs house
26-07-2008 1:04 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
A good antivirus is essential even when running more robust mail clients. It should catch most attachments that the antivirus company knows about at this moment in time. There's no problem downloading these, or saving them on your hard drive - the problems come from running them.
Re: virus - at the customs house
26-07-2008 1:17 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: puddy
They are really nice people at HMRC
Not in my opinion. Paid duty on imported cigars which then were lost or distroyed, their story keep changing, take several months to get the refund of the duty but no joy for a refund for the cigars.
Re: virus - at the customs house
26-07-2008 1:39 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote Plain text does not run any scripts that may have been embedded in html code. Viewing images that were posted in the message is OK, the problems may start if there is a linked image that your client will go to fetch from the Internet
I will say it yet again. the virus was in an attachment. the plain text was convincing enough to make some one in a hurry to open the "Invoice"
What would an IMAP program do to alter that?
Re: virus - at the customs house
26-07-2008 2:15 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: pierre_pierre I will say it yet again. the virus was in an attachment. the plain text was convincing enough to make some one in a hurry to open the "Invoice"
No programme will protect you from yourself . . . even when it does, many users will disable it - how many Windows users you know who run their OS logged in as plain users? Most executables will not run, or will not install if you run your machine as a plain user.
With regards to the message being convincing - when was the last time that UPS or a courrier, or a bank, or ebay, or paypal, etc., sent you an attachment?
Quote from: pierre_pierre What would an IMAP program do to alter that?
IMAP4, or POP3 are not related to this thread.
Re: virus - at the customs house
26-07-2008 2:23 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: the I got some spam on an old address I rarely use these days-
The title was something about picking up a parcel from customs. I blocked it and have deleted it but can someone tell me what if any danger there is in opening the mail rather than the attachment? I assume it is the attachment that usually brings with it the danger of infection? I did open the mail and there was a zip file attached which I left well alone......
Strange,
I thought the question was what should the punter do
Re: virus - at the customs house
31-07-2008 12:57 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Likewise any other mail clients that have such a facility.
I'm afraid there are too many ordinary folk that will be suckered into opening such things which why it is imperative that you have good AV and Firewall on your machine. AVG will quarantine a dodgy attachment.
Even with what seems like belt and braces on one's machine, I would NEVER open a suspect mail on webmail whatever the settings one had. Some hacker or other may have found a way of making you vunerable. Nor can you look at the headers of a suspect mail in webmail without opening it
I agree with pierre_pierre. For ordinary folk with Outlook Express on their machines, popping the mail then if you need/want to look at the headers/source - RIGHT click, select Properties/Details/Message Source and then copy/paste headers or whatever you want safely to a text file if needed.
Re: virus - at the customs house
31-07-2008 5:27 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: virus - at the customs house
31-07-2008 6:19 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
If you want to report the spam, you'll need the headers etc.
Deleting it out of hand hardly achieves that
The safe way has been explained.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Re: virus - at the customs house