wetibbe
09-12-2010, 11:46 AM
Computer Security Alert
The Bureau has asked that we forward this information through our InfraGard channels. If you have not already heard about the recent worm, their message below offers good information on identification and avoidance.
To add another good resource, Gar Warner's blog entry from earlier this week has some more good detail:
http://garwarner.blogspot.com/2010/09/here-you-have-spam-spreads-email-worm.html
From: HQ INFORMATION TECHNOLOGY BRANCH
Sent: Sat Sep 11 22:08:33 2010
Subject: Computer Security Alert
A new Computer “worm” attacked several federal agencies and Fortune 500 companies yesterday. The malicious email messages contain the subject line "Here you have" or "Just For You" and contain a link to a seemingly legitimate PDF file. If users click on this link, they will be redirected to a malicious website that will prompt them to download and install a screensaver (.scr) file. If they agree to install this file, they will become infected with an email worm that will continue to propagate through their email contacts.
Even though we are protected, sometimes the adversaries change the email to look a little different so they can get past defenses. The Bureau is asking all users to carefully watch your emails here at work and on your home machine. To reduce the risk of compromising your FBI workstation, be alert for unsolicited e-mail messages and keep in mind the following traits common to malicious e-mail messages:
· Subject matter related to recipient's work, possibly containing actual U.S. Government information
· A sense of urgency to convince the recipient to open an attachment or click a link within the message
· Convincing content such as upcoming meeting agendas, reports, information on current events or policy issues
· Seemingly-legitimate sender (government and commercial addresses, including @fbi.gov) using legitimate signature and contact information
· Receiving an email with just a link
· An attachment (typically a .pdf or .zip file) or link
Thank you for your assistance and vigilance in protecting the FBI’s networks.
Enterprise Security Operations Center (ESOC)
JEH-HQ
http://www.nym-infragard.us
Thank You for Your Support!
President Capt. Joseph R. Concannon (Ret.)
Executive Vice President John J. Tierney, CISSP CISA, NSA IAM/IEM
Secretary Philip M. Froehlich
The Bureau has asked that we forward this information through our InfraGard channels. If you have not already heard about the recent worm, their message below offers good information on identification and avoidance.
To add another good resource, Gar Warner's blog entry from earlier this week has some more good detail:
http://garwarner.blogspot.com/2010/09/here-you-have-spam-spreads-email-worm.html
From: HQ INFORMATION TECHNOLOGY BRANCH
Sent: Sat Sep 11 22:08:33 2010
Subject: Computer Security Alert
A new Computer “worm” attacked several federal agencies and Fortune 500 companies yesterday. The malicious email messages contain the subject line "Here you have" or "Just For You" and contain a link to a seemingly legitimate PDF file. If users click on this link, they will be redirected to a malicious website that will prompt them to download and install a screensaver (.scr) file. If they agree to install this file, they will become infected with an email worm that will continue to propagate through their email contacts.
Even though we are protected, sometimes the adversaries change the email to look a little different so they can get past defenses. The Bureau is asking all users to carefully watch your emails here at work and on your home machine. To reduce the risk of compromising your FBI workstation, be alert for unsolicited e-mail messages and keep in mind the following traits common to malicious e-mail messages:
· Subject matter related to recipient's work, possibly containing actual U.S. Government information
· A sense of urgency to convince the recipient to open an attachment or click a link within the message
· Convincing content such as upcoming meeting agendas, reports, information on current events or policy issues
· Seemingly-legitimate sender (government and commercial addresses, including @fbi.gov) using legitimate signature and contact information
· Receiving an email with just a link
· An attachment (typically a .pdf or .zip file) or link
Thank you for your assistance and vigilance in protecting the FBI’s networks.
Enterprise Security Operations Center (ESOC)
JEH-HQ
http://www.nym-infragard.us
Thank You for Your Support!
President Capt. Joseph R. Concannon (Ret.)
Executive Vice President John J. Tierney, CISSP CISA, NSA IAM/IEM
Secretary Philip M. Froehlich