Saturday, April 22, 2006

Email spoofing.

Email “spoofing” is when an email message appears to have originated from one source when it actually was sent from another source.

Email spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords).
Spoofed email can range from harmless pranks to social engineering ploys.

Examples of the latter include email claiming to be from a system administrator requesting users to change their passwords to a specified string and threatening to suspend their account if they do not comply email claiming to be from a person in authority requesting users to send them a copy of a password file or other sensitive information

Note that while service providers may occasionally request that you change your password, they usually will not specify what you should change it to. Also, most legitimate service providers would never ask you to send them any password information via email.

If you suspect that you may have received a spoofed email from someone with malicious intent, you should contact your service provider's support personnel immediately.

Solution:

Don't open unknown email attachments

Before opening any email attachments, be sure you know the source of the attachment. It is not enough that the mail originated from an address you recognize. The Melissa virus spread precisely because it originated from a familiar address. Malicious code might be distributed in amusing or enticing programs.

If you must open an attachment before you can verify the source, we suggest the following procedure:

* be sure your virus definitions are up-to-date
* scan the file using your antivirus software open the file

For additional protection, you can disconnect your computer's network connection before opening the file.
Following these steps will reduce, but not wholly eliminate, the chance that any malicious code contained in the attachment might spread from your computer to others.

Courtesy: http://cert.org

No comments:

Post a Comment