DarkFiber Consulting – IT Managed Services

Federal Bureau of Investigation Warns Public of Fraudulent Spam Email

October 14th, 2009 . by DarkFiber Consulting

The Federal Bureau of Investigation (FBI) has released information warning the public about fraudulent email messages purporting to come from the FBI or the Department of Homeland Security. These email messages contain a malicious attachment that claims to provide an intelligence report or bulletin, but in reality attempts to launch malware on the user’s system.

More information regarding these messages can be found in the Federal Bureau of Investigation’s New E-Scams and Warnings web site.

To help protect against this type of attack, DarkFiber Consulting recommends that users avoid opening attachments contained in unsolicited email messages. Additional tips regarding email attachments can be found in the DarkFiber Consulting Cyber Security Tip – Using Caution with Email Attachments.

Malicious Code Spreading via IRS Scam

October 14th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of malicious code circulating via spam email messages related to the IRS. The attacks arrive via an unsolicited email message and may contain a subject line of “Notice of Underreported  Income.” These messages may contain a link or attachment. If users click on this link or open the attachment, they may be infected with malicious code, including the Zeus Trojan.

DarkFiber Consulting encourages users and administrators to take the following measures to protect themselves:

Malware Spreading via Social Networking Sites

December 8th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of malware spreading via popular social networking sites. The reports indicate that this malware is spreading through spam email messages appearing to come from Myspace.com, Facebook.com, and Classmates.com. The email contains a message indicating that there is a YouTube video available and instructs the user to follow the link to view the video. If users click on this link, they will be prompted to update Adobe Flash Player. This update is not a legitimate Adobe Flash Player update–it is malicious code.

DarkFiber Consulting encourages users and administrators to do the following to help mitigate the risks:

  • Install antivirus software and keep the virus signatures up to date.
  • Do not follow unsolicited links.
  • Use caution when downloading and installing applications.
  • Obtain software applications and updates directly from the vendor’s website.
  • Configure your web browser as described in the Securing Your Web Browser document.
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
  • Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

DHS Email Scam

September 11th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware that spam email messages are being sent that appear to come from high-level DHS officials, some of which attempt to entice the user into an advance fee fraud scam. In some cases, the sender’s address has been spoofed so that the email appears to come from a legitimate dhs.gov address.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

Malware Circulating via Russia/Georgia Conflict Spam Messages

August 21st, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of malware circulating via spam email messages related to the Russia/Georgia conflict. These messages contain factual information about the conflict. The messages also contain download instructions for the user to watch a video that is attached to the message. If a user opens the attachment, malware may be downloaded and installed onto their system.

DarkFiber Consulting encourages users and administrators to take the following preventative measures to help mitigate the security risks: