DarkFiber Consulting – IT Managed Services

Malicious Code Spreading via IRS Scam

October 14th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of malicious code circulating via spam email messages related to the IRS. The attacks arrive via an unsolicited email message and may contain a subject line of “Notice of Underreported  Income.” These messages may contain a link or attachment. If users click on this link or open the attachment, they may be infected with malicious code, including the Zeus Trojan.

DarkFiber Consulting encourages users and administrators to take the following measures to protect themselves:

Swine Flu Phishing Attacks and Email Scams

May 9th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of email scams circulating related to the Swine Flu. The attacks arrive via an unsolicited email message typically containing a subject line related to the Swine Flu. These email messages may contain a link or an attachment. If users click on this link or open the attachment, they may be directed to a phishing website or exposed to malicious code.

DarkFiber Consulting encourages users to take the following measures to protect themselves:

UPDATE: Due to these potential phishing attacks and email scams, DarkFiber Consulting encourages users to visit the Center for Disease Control (CDC) website for trusted information regarding the Swine Flu.

Airline E-ticket Email Attack

July 31st, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports indicating that a new email attack is circulating. This attack uses email messages that appear to be from legitimate airlines and contain information about a bogus e-ticket. These email messages instruct the user to open the attachment to obtain the e-ticket. If a user opens this attachment, a file may be executed to infect the user’s system with malicious code.

Reports, including a posting by Sophos, indicate that these messages have the following characteristics. Please note that these attributes may change at any time.

  • The subject line “E-Ticket#XXXXXXXXXX”
  • An attachment named “eTicket#XXXX.zip”

DarkFiber Consulting encourages users and administrators to take the following preventative measures to help mitigate the security risks:

U.S. Customs and Border Protection Email Attack

July 25th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of an attack circulating via bogus email messages that claim to be from “US Customs Service.” The messages may contain the subject line “Parcel requires declaration” and indicate that a parcel has been received addressed to the recipient of the email. These messages may also encourage users to open an attachment to the message that may contain malicious code.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

  • Review the alert posted by the U.S. Customs and Border Protection regarding this issue.
  • Do not open attachments contained in unsolicited email messages.
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
  • Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.
  • Install anti-virus software and keep virus signature files up to date.

DarkFiber Consulting will provide additional information as it becomes available.