Email malware attacks

guest373 · June 19, 2017, 04:09:57 PM

I have just received the warning linked below. The attack is based on a link in an email, but the malware is triggered by hovering over the link.

austinbob · June 19, 2017, 04:13:40 PM

Are you sure its safe to click on that link?

dannyboy · June 19, 2017, 04:29:37 PM

Who is going to be brave and click on the link

austinbob · June 19, 2017, 04:34:15 PM

Not me Guv...

dannyboy · June 19, 2017, 04:36:32 PM

And I am not prepared to put Malwarebytes and Avast to the test!

Newportnobby · June 19, 2017, 04:40:19 PM

I'm giving it a swerve, too

ntpntpntp · June 19, 2017, 05:01:41 PM

On the face of it that looks like a link to an article on the subject of file-less malware (ie. memory resident), but if you don't trust it then maybe google file-less malware if you want to know more - but only visit trustworthy sites of course!

themadhippy · June 19, 2017, 05:16:19 PM

Use a real operating system an click all the links ya likes

QuoteA recent fileless malware campaign came to light over the weekend, which infected computers in various locations. According to Engadget, the malware campaign targeted businesses in Europe, the Middle East, and Africa. The malware was distributed via a malicious email with a hyperlink to an "invoice" or "order number". The link displayed as if it were a PowerPoint document. However, the user did not have to click on the link to begin executing the scripting attack. By simply hovering the link, the attack was triggered.
Protection and Prevention

Engadget states,

"If you're running a newer version of Microsoft Office, though, you'll still need to approve the malware's download before it infects your PC. That's because the more modern versions of the suite has Protected View, which will show a prompt warning you about a "potential security concern" when the script starts running. Just click Disable, and you'll be fine. However, older versions of the suite don't have that extra layer of security."

Unfortunately, few security solutions are blocking fileless attacks. However, PC Matic recently shared a new layer of protection that was added to their security software solution, fileless ransomware detection.

Fileless attacks are different than traditional malware attacks because they execute through a scripting agent. These scripting agents include PowerShell, Cscript, Wscript, etc. Typically, fileless attacks are more successful than malware distributed by files because security solutions are not scanning for malicious scripts — they scan for malicious files. Therefore, for most PC users, the malicious script will be allowed to execute.

dannyboy · June 19, 2017, 05:25:27 PM

Surely they are all "real operating systems" or are we going down the 'my operating system is better than yours' route? The original post was a warning to us all.

themadhippy · June 19, 2017, 05:37:30 PM

My comment was made tongue firmly in cheek,however

QuoteThe original post was a warning to us all.

the link follows the same assumption that too many people make,that a pc must be using windows and ms office.

njee20 · June 19, 2017, 05:43:32 PM

I'm not sure it's the case that "it must", merely that 99.999% are. Same reason Macs don't get as many viruses, they're not impervious, it's just not worth aiming resources at Mac viruses.

daffy · June 19, 2017, 06:21:00 PM

Quote from: njee20 on June 19, 2017, 05:43:32 PM
I'm not sure it's the case that "it must", merely that 99.999% are. Same reason Macs don't get as many viruses, they're not impervious, it's just not worth aiming resources at Mac viruses.

As an iMac user (not the hair remover

, with two iPads and an iPhone also in the house, and with family members who have flown the nest firmly 'Appled' also, we all keep a weather eye open, for despite the increased challenge to the bad guys that Apple devices present, the operating systems etc are increasingly being targeted. Nothing much, yet, but .......

http://www.macworld.co.uk/how-to/mac-software/do-macs-get-viruses-do-macs-need-antivirus-software-3454926/

themadhippy · June 19, 2017, 06:43:39 PM

Quotefor despite the increased challenge to the bad guys that Apple devices present, the operating systems etc are increasingly being targeted. Nothing much, yet, but

good job yer not using apple dos 3.3 or youd be vulnerable to possible the first computer virus seen in the wild, way back in 1982

Railwaygun · June 19, 2017, 06:49:43 PM

Quote from: daffy on June 19, 2017, 06:21:00 PM
Quote from: njee20 on June 19, 2017, 05:43:32 PM
I'm not sure it's the case that "it must", merely that 99.999% are. Same reason Macs don't get as many viruses, they're not impervious, it's just not worth aiming resources at Mac viruses.

As an iMac user (not the hair remover , with two iPads and an iPhone also in the house, and with family members who have flown the nest firmly 'Appled' also, we all keep a weather eye open, for despite the increased challenge to the bad guys that Apple devices present, the operating systems etc are increasingly being targeted. Nothing much, yet, but .......

http://www.macworld.co.uk/how-to/mac-software/do-macs-get-viruses-do-macs-need-antivirus-software-3454926/

Advice to Mac users

The average Mac user can make sure their system software and associated security updates are installed and up to date.

To make sure that Xprotect, MRT, and Gatekeeper are updated by Apple, you can set your Mac OS system software update settings as found in  Apple menu > System Preferences > "App Store" to be like so:

Make sure important security updates install on a Mac

Setting both "Automatically check for updates" and "Install system data files and security updates" and having stable sustained internet access should be sufficient to install critical background updates to Gatekeeper, MTR and XProtect as is, but updating system software to the latest available version of Mac OS and installing any available security updates is generally considered good security practice. You can also check all of the options for auto-updates, or just have Mac OS automatically install updates too, but however you adjust the settings be sure the "security updates" setting is enabled.

http://osxdaily.com/2017/05/01/check-xprotect-version-mac/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+osxdaily+%28OS+X+Daily%29

daffy · June 19, 2017, 06:54:04 PM

Quote from: themadhippy on June 19, 2017, 06:43:39 PM
Quotefor despite the increased challenge to the bad guys that Apple devices present, the operating systems etc are increasingly being targeted. Nothing much, yet, but
good job yer not using apple dos 3.3 or youd be vulnerable to possible the first computer virus seen in the wild, way back in 1982

As an old codger-in-training I reserve the right not to remember that far back.

And thanks RG, this wise old duck follows the protocols, but it is sage advice to all - keep on top of your system, whatever it is.

Email malware attacks

guest373