DarkFiber Consulting – IT Managed Services

Federal Bureau of Investigation Warns Public of Fraudulent Spam Email

October 14th, 2009 . by DarkFiber Consulting

The Federal Bureau of Investigation (FBI) has released information warning the public about fraudulent email messages purporting to come from the FBI or the Department of Homeland Security. These email messages contain a malicious attachment that claims to provide an intelligence report or bulletin, but in reality attempts to launch malware on the user’s system.

More information regarding these messages can be found in the Federal Bureau of Investigation’s New E-Scams and Warnings web site.

To help protect against this type of attack, DarkFiber Consulting recommends that users avoid opening attachments contained in unsolicited email messages. Additional tips regarding email attachments can be found in the DarkFiber Consulting Cyber Security Tip – Using Caution with Email Attachments.

Malicious Code Spreading Through USB Flash Drive Devices

November 20th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of an increase in malicious code propagating via USB flash drive devices. Currently, there are two popular methods by which USB flash drives are being infected with malicious code. Please note that these are not the only two methods available.

The first of these methods is referred to as simple file copy. This means that the malicious code initially resides on an infected computer and copies itself to all the storage devices connected to the affected computer. This method requires the user to access the USB flash drive and execute the malicious code.

The second method is referred to as AutoRun.inf modification. This means that the malicious code alters or creates an autorun.inf file on targeted storage devices connected to the affected computer. When an infected USB flash drive is connected to another computer, the malicious code can be automatically executed with no additional user interaction.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

  • Install antivirus software and keep the virus signatures up to date.
  • Do not connect an unknown or untrusted USB drive to your computer.
  • Disable AutoRun or AutoPlay features for removable media.
  • Review the Using Caution with USB Drives Cyber Security Tip for more information on protecting your USB flash drive.
  • Review The Dangers of Windows AutoRun Vulnerability Analysis Blog entry for more information regarding AutoRun.