(but I obscured a few things here with #### so no one inadvertently clickson a link):
(but I obscured a few things here with #### so no one inadvertently
clicks on a link):
just change http to hxxp or similar ;)
(but I obscured a few things here with #### so no one inadvertently
clicks on a link):
just change http to hxxp or similar ;)
Six or one half dozen of the other. :)
I actually contemplated obfuscating the http:// part, but obviously I changed my mind.
(but I obscured a few things here with #### so no one inadvertently
clicks on a link):
just change http to hxxp or similar ;)
Six or one half dozen of the other. :)
not really because now others of us cannot look up that information and
set blocks or filters in our IDS/IPS ;)
filter?not really because now others of us cannot look up that
information and set blocks or filters in our IDS/IPS ;)
Oh.. I see. Good point. But couldn't http://march262020.* work in a
But, FYI, replace "####" with "club". No point keeping it a
secret if the goal is to help protect others.
BTW, although it is far easier to just drop the phishing
email/attachment with the delete key, we can parse the file,
extract the clear-text and share the http:// strings found
therein.
Obviously, the macro in the original .xls file relied on Excel
functions to run a macro to fetch a bot from a website and launch
the payload.
yep... this is why the setting to allow macros and/or executing startup macros should be OFF these days...
Good job. I love doing that on the rare occasion I get an attachment. with
xls I like to save them as zip files, then extract the components and dig
around. It's silly simple how some of these trojans work.
We don't usually see them at work since I administer our content analysis
system and it soaks everything up.
I think the originators deserve a reciprocation of their own medicine.
I have toyed with the idea of replying to the ones that request
payment, and just send back a message that says, details of payment
"are ENCLOSED in the attachment. Password is the same as you
provided: 1234" ..and send back the file.
Many of these emails are so stupid. I despise those things. There
should be a away to block them right at the ISP/server side. I would rather not have them delivered to my mailbox in the first place. Why can't ISP's block certain ip addresses right on the spot?
Many of these emails are so stupid. I despise those things. There should
be a away to block them right at the ISP/server side. I would rather not have them delivered to my mailbox in the first place. Why can't ISP's
block certain ip addresses right on the spot?
Good job. I love doing that on the rare occasion I get an attachment. with
xls I like to save them as zip files, then extract the components and dig
around. It's silly simple how some of these trojans work.
I have toyed with the idea of replying to the ones that request
payment, and just send back a message..
And what should that do??
THEY know what they are doing.
THEY can deal with it nicely.
This is much better, and funnier:
https://www.youtube.com/watch?v=_QdPW8JrYzQ
Many of these emails are so stupid. I despise those things. There
should be a away to block them right at the ISP/server side. I would
rather not have them delivered to my mailbox in the first place. Why
can't ISP's block certain ip addresses right on the spot?
On what basis should they do so??
But there is a really easy and extremely effective way!
Greylisting.
It simply refuses the first delivery of the mail...
The other/additional method is to set up SpamAssassin.
It scores the mail and if the score is too high it does not accept it.
But it is much more complicated to set up and maintain.
I have toyed with the idea of replying to the ones that request
payment, and just send back a message..
And what should that do??Maybe start to annoy THEM?
This is much better, and funnier:
https://www.youtube.com/watch?v=_QdPW8JrYzQ
I remember seeing that several years ago. It was fun to see it again.
How long would you tolerate someone pricking you with a pin at the
back of your neck after you've told them to stop coming near you?
The other/additional method is to set up SpamAssassin.That one sounds very familiar. Good to know that there are solutions
It scores the mail and if the score is too high it does not accept
it. But it is much more complicated to set up and maintain.
that ISPs can implement. But whatever is being done, is not good
enough.
This one has nothing to do with spam, but I think it is quit funny:
https://www.youtube.com/watch?v=f5d8pVg3Qtg
Maybe start to annoy THEM?
Nope :)
That one sounds very familiar. Good to know that there are solutions
that ISPs can implement. But whatever is being done, is not good
enough.
Change your mail provider :)
This one has nothing to do with spam, but I think it is quit funny:
https://www.youtube.com/watch?v=f5d8pVg3Qtg
Getting "Video unavailable - The uploader has not made this video available in your country."
This one has nothing to do with spam, but I think it is quitGetting "Video unavailable - The uploader has not made this video available in your country."
funny:
https://www.youtube.com/watch?v=f5d8pVg3Qtg
https://www.youtube.com/watch?v=f5d8pVg3Qtg
Getting "Video unavailable - The uploader has not made this
video available in your country."
it is a vid from Conan, the night time TV talk show guy with red
hair... it loads fine here... it should load fine for you up
there in canada... at least, that's where you were the last i
recall... i think... maybe...
Sysop: | altere |
---|---|
Location: | Houston, TX |
Users: | 66 |
Nodes: | 4 (0 / 4) |
Uptime: | 01:04:41 |
Calls: | 635 |
Calls today: | 2 |
Files: | 7,638 |
Messages: | 292,270 |