Discussion in 'Business & Enterprise Computing' started by Joshhy, Sep 12, 2014.
you should try working with scienticians.
You say that like it ever stopped? In my experience they are constantly being sent; I see them daily getting blocked to my users, same with dodgy subpoena emails.
Engineers aren't great either.
I'd wager to say that any given professional fraternity greatly values itself over any adjunct services. That's just the way they are. Their chosen profession evidences that which they decree to be the most important thing in the world.
Fair enough, I work for a very well known hospitality group so we are targeted quite a bit.
It's back to phishing now; there is a run of Telstra "refund" emails and Dropbox "authenticate here" emails now.
An email a customer got had a Dropbox "sign on" link to a page on a hacked server that had logos for Yahoo, Dropbox, Outlook, Google, and probably 4-5 other "services" so you can get your file.
I mean Yahoo, right? Who the fuck even knows that Yahoo is still around...
Not sure if already posted, new Federal Police variant now doing the rounds - looks similar to the AGL one / probably same payload..
"You are invited to the presiding judge by the judge because of law violation".
"Savvy user" filtration techniques in full use I see. Pretty sure that if the AFP want you in court they don't "invite" you, they issue a summons or subpoena.
Interesting to think about the sort of people this "invitation" might trick, and the likelihood of them following through with payment (or getting brutally skimmed).
Does the unsubscribe link point to the same URL as the print button, or something different? Could be an effective way of catching a few extra with a different payload.
Quite fascinating to see them targeting certain groups this way.
Although I read a great article the other day about some dude who was genuinely computer/security savvy, and fell for one of these just due to sheer distraction. He was moving office over the weekend, and buying and selling a bunch of stuff on eBay. A message came in, he clicked, lo and behold he got stung. It just looked like another message in the noise, and he didn't take the 3 seconds required to think about it.
Goes to show it's hard to be wary when you're weary (sorry, I couldn't resist that).
I know of a person who does phishing email testing as a major part of their job completely falling for one. Same story, distracted and just opened it without thinking. Whenever someone says to me "yeah but they're all tech savvy here" I say "yes but they haven't always had their coffee before doing emails." Shit happens, unfortunately.
Rookie mistake imo
I cannot disagree there
I've been hearing of loads of people in Perth getting hit by the Crysis ransomware, hacked RDP accounts (brute force) dialing home weeks after being compromised and executing the ransomware overnight. It even encrypted the ShadowProtect backups of a potential new client. They don't even want a ransom; it's purely malicious. Sadly I've become really quite good at identifying and removing these after a few years of doing it around once a month for somebody.
HTTPS inspection FTW.
Recovering data RIGHT NOW of a client hit by the AGL one. Backups are inaccessible to the LAN... just copying the data back, problem solved.
Haha, we have offsite backups for all our clients who are prepared to pay for it (except those poor bastards on ADSL, but I offer them a rotating drive service at least). This client came to us today for advice as they were basically fucked yesterday and their current IT couldn't do anything.
When the guy who ran cryptolocker last week asks if you can find some files from 1998 (13 years before we had any association with the business) that he has no idea where they might have been located...
Bahahaha. Poor sod.
1998: "I'm not spending all this money to back up data for 20 years!"
I had a user yesterday create a ticket because they weren't able to open a file attachment that they needed to access.
It was an AGL email, and we don't even have our power with AGL, why is she trying to open the bill?? Luckily our antivirus was able to nuke it before she could open it multiple times...
My faith in end users is at an all-time low...
We typically apply software restriction policies to block executables within userprofile. Where requested, we have a local user configured to allow end users to install software.
One of them was clever enough to follow our instructions on saving an exe to a location outside his profile and running it as the local account. The exe was of course a virus.
Much worse. Geologist.
From years dedicated to working with rocks, they inherit a rock-like ability for comprehension and decision making.