Once upon a time, before I knew anything about computers.... I had to learn who I could trust. Now that I know that, I love to play with infections on my computer!! I have never been bitten by the infection themselves. I have been, by those I was paying and trusting to keep me safe!! I received this email:
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Thu, March 24, 2011 6:19:58 PM
United Parcel Service notification #XXXXXXXXXX
From: |
United Parcel Service <info64@ups.com>
Add to Contacts |
To: |
XXXXXXXXXXXXXXXXXXX
|
|
|
|
|
United Parcel Service document.zip (6KB)
|
Dear customer.
The parcel was sent your home address.
And it will arrive within 3 business day.
More information and the tracking number are attached in document below.
Thank you.
© 1994-2011 United Parcel Service of America, Inc.
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
I checked it out here:
http://www.zdnet.com/blog/security/spamvertised-united-parcel-service-notifications-lead-to-malware/8478
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
Yahoo Mail uses Norton AntiVirus, which had this to say:
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
No viruses detected
The virus scan did not find any viruses in your attachment. Click the download button to continue.
United Parcel Service document.zip (6KB)
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
and I had this to say: What I do NOT know is why they also posted this link? United Parcel Service? It leads to the ZD Net link that tells the story. I sure am glad I know about TRUST! Good Luck.
<<Edit: Thread has been edited to conform with the Terms of Service and Participation Guidelines>>
This is truly amazing!!! Yahoo mail uses Norton AntiVirus to scan the attachments that are sent through their email system. I have received many infected emails lately. They are disguised as DHL, UPS, FedEx, and now this one. They ALL are worded about the same, and look very similar... What I REALLY find HARD to believe; Norton only catches about 1 out of 50. I can click on the same attachment 50 times and 49 of those time, Norton is prepared to download and open it??? Also I have notified Yahoo countless times, and they have failed to do anything either.
Delivery Express system notification
From: | ExpressDelivery system <86infoiemai@devexp.com> |
To: | @yahoo.com |
|
Cc: | @yahoo.com; @yahoo.com; @yahoo.com; @yahoo.com; @yahoo.com; @yahoo.com; @yahoo.com; yahoo.com; yahoo.com; @yahoo.com; @yahoo.com;c@yahoo.com |
|
|
| Document.zip (5KB) |
Dear customer
The parcel was sent your home adress
And it will arrive within 10 business days
More information and the tracking number
are attached in document below.
Thank You
© Delivery Express 1995-2011
HI 1hrirab,
As Yahoo! posts on their Email Virus Scanning page "Remember, not all viruses can be detected and cleaned." Most malware authors use sites like VirusTotal to make sure that what they are sending out is undetectable by most antivirus products. Once the malware is in the wild the security vendors can recognize and block it - but until the threat is known there is a window of opportunity for it to infect user's PC's. Also, the file in your example is a compressed file which tends to make detection harder and the scan more time consuming. Most home installations of Norton have compressed file scanning enabled, but I am not sure to what extent Yahoo! scans within compressed files. As always best practice is to only open attachments that you are expecting, and if you do not want to rely totally on Auto-Protect you can save the attachment to disk and run a file scan before opening. And, of course, being knowledgeable about how to recognize a dangerous email, as you clearly are, also helps.
I will take a moment to say, thanks for your reply, and ask questions.. Take most computer users, if they receive this email. They see that Norton does a security scan of the attachment and "No viruses detected". They then feel protected and willing to download the attachment. Does this not violate their trust in NORTON? If they are paid subscribers, does the Yahoo Norton scan act as the default scanner? I would rather not have it scanned, than have it scanned by a program that can not be trusted? False Confidence!!
By the way, I am glad to have received these attachments. I used them to try out several, "AntiVirus"/"Malware" programs. That saying about you get what you pay for, does NOT hold true in this case! Thanks
This new's article just came in:
Email Breach: 8 Ways to Protect Yourself
http://finance.yahoo.com/banking-budgeting/article/112498/email-breach-protect-data-moneywatch?mod=bb-creditcards
No viruses detected
The virus scan did not find any viruses in your attachment. Click the download button to continue.
Document.zip (5KB)
Download Attachment |
| Cancel |
Once upon a time, before I knew anything about computers.... I had to learn who I could trust. Now that I know that, I love to play with infections on my computer!! I have never been bitten by the infection themselves. I have been, by those I was paying and trusting to keep me safe!! I received this email:
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Thu, March 24, 2011 6:19:58 PM
United Parcel Service notification #XXXXXXXXXX
From: |
United Parcel Service <info64@ups.com>
Add to Contacts |
To: |
XXXXXXXXXXXXXXXXXXX
|
|
|
|
|
United Parcel Service document.zip (6KB)
|
Dear customer.
The parcel was sent your home address.
And it will arrive within 3 business day.
More information and the tracking number are attached in document below.
Thank you.
© 1994-2011 United Parcel Service of America, Inc.
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
I checked it out here:
http://www.zdnet.com/blog/security/spamvertised-united-parcel-service-notifications-lead-to-malware/8478
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
Yahoo Mail uses Norton AntiVirus, which had this to say:
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
No viruses detected
The virus scan did not find any viruses in your attachment. Click the download button to continue.
United Parcel Service document.zip (6KB)
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
and I had this to say: What I do NOT know is why they also posted this link? United Parcel Service? It leads to the ZD Net link that tells the story. I sure am glad I know about TRUST! Good Luck.
<<Edit: Thread has been edited to conform with the Terms of Service and Participation Guidelines>>
Hi 1hrirab,
You make a good point. Novices or users who just haven't bothered to learn the basics of computer security are likely to misconstrue "No viruses detected" as some sort of assurance that there aren't any, rather than that there just aren't any that could be found. All AV programs miss things and no one can boast a detection rate of 100%. Norton has other protections in place as well, such as the reputation scans used with Download Insight that do a pretty good job of warning users about files that, while not known to be malicious, are nevertheless not to be fully trusted as safe. There are all sorts of different components at work, but security is a process that also involves the user. Just because a scan says that an attachment appears safe, that is no excuse to completely ignore the well known caveat about opening suspicious attachments. But, unfortunately, some users still do - and if they get infected they of course put the blame entirely on the software, rather than take some responsibility for their own reckless behavior.
Good article, by the way. You might want to also post it in the following thread where the Epsilon breach is being discussed:
http://community.norton.com/t5/Tech-Outpost/Epsilon-Data-Breach-For-Informational-use-only/m-p/427818/highlight/true#M3110
I'd go a step further and say that "No virus found" doesn't mean that it does not contain a link to a dangerous website, as is actually the case with UDP and similar spam.
And since it is the recipient who chooses to click on that or not there's not a lot a security application can do, as I see it.
"The greatest danger to your computer lies between the left ear and the right ear of the operator ..."