A triple-payload e-mail attack that uses a fake shipping confirmation notice with a supposed attached label is making the rounds.A write-up from the company describes a social engineering ruse designed to nail someone who wasn’t paying close attention, with a .zip file attachment that contains an executable disguised with an Excel file icon. The text of the e-mail tells the recipient to open the attachment to print a shipping label (one big clue that this is a scam).
The Default Windows behavior to show file extensions can help thwart the common trick of using a fake document icon to disguise an executable file, assuming that the attached file made it through your anti-spam and antivirus programs. You’d have the chance to see that the supposed Excel file ended in .exe.
In XP, as Brandt describes, change that by opening Explorer, clicking Tools up top, and then unchecking “Hide extensions for known file types.” In Vista, start with Organize, then choose Folder and Search options. For either Vista or XP, be sure to click the “Apply to Folders” button to apply the change to all folder, not just the one you’re looking at.
{ 4 comments… read them below or add one }
Lerman, it is a great post thanks for writing it!
Thanks for sharing. The slogan on the one waffle is killing me.
The best information i have found exactly here. Keep going Thank you
Excellent post I have to admit.. Simple but yet interesting and engaging.. Keep up the awesome work! This is an excellent post. I’ve the same type of blog myself so I will keep coming back to read more.