DarkFiber Consulting – IT Managed Services

H1N1 Malware Campaign Circulating

December 10th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of a malware campaign circulating. This campaign is circulating via email messages offering information regarding the H1N1 vaccination. This email messages contain a link to a bogus Centers for Disease Control and Prevention website. Users who click on this link may become infected with malware. Public reports indicate that these email messages are noted as having subject lines such as: “Governmental registration program on the H1N1 vaccination” and “Your personal vaccination profile.” Please note that subject lines may change at any time.

DarkFiber Consulting encourages users to take the following precautions to help mitigate the risks:

  • Install antivirus software, and keep the signature files up to date.
  • Do not follow unsolicited links and do not open unsolicited email messages.
  • Use caution when visiting untrusted websites.
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
  • Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on avoiding social engineering attacks.

U.S. Federal Reserve Fraudulent Email Scam

November 13th, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of a fraudulent email scam circulating via messages that falsely appear to be from the U.S. Federal Reserve. These email messages contain information about a phishing scam and links for users to follow to obtain additional information about the scam. If a user follows the links, they will be redirected to a malicious website where a PDF exploit is used to install malicious code on the affected system.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

Google Chrome Download Vulnerability

September 3rd, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of a vulnerability that affects the Google Chrome web browser. This vulnerability is due to a default configuration that allows files to be downloaded without prompting the user. In addition, downloaded files can be opened with a single click, which could allow a user to inadvertently open a malicious file.

DarkFiber Consulting encourages users to enable the “Ask where to save each file before downloading” option within the “Minor Tweaks” tab in the browser preferences. Although this does not fix the underlying vulnerability, selecting this option will warn the user before files are downloaded. Users should still exercise caution when visiting and downloading items from untrusted websites.

DarkFiber Consulting will provide additional information as it becomes available.