Don’t open mystery attachments, and don’t send them either

Most people know that a sophisticated phishing attack has hit the campus over the past few days. It came from within the campus, and consisted of a message saying ‘Check invoice’ and had an attachment that was a .zip file. If you clicked on the link (say because it came from someone you knew, and did occasionally receive invoices) your computer was infected and it immediately began spreading the infection further.

So, for right now C&IT is blocking all .zip file attachments. And it just reinforces the message that we have been sending: ‘Don’t click on attachments you aren’t expecting’.

But there’s another lesson also. If you do need to send an attachment (and it’s not inherently a bad thing to do) say something in the email message itself about what the attachment is and why you are sending it. So instead of ‘Check invoice’ say something like ‘Here’s the invoice from the Blixeldorf Corporation that we were waiting for’. That kind of text in an email message is impossible to fake (and, of course, if the recipient wasn’t waiting for that invoice they’ll know it’s fake).

So don’t open mystery attachments, and make sure any that you send aren’t mysteries to the people you send them to.

If you do need to send a .zip file in the coming days, you can do so via Wayne Connect Briefcase.

One Reply to “Don’t open mystery attachments, and don’t send them either”

  1. Fortunately, this message was cleaned by Symantec though I wouldn’t have opened it anyway.

    I do have a related question. I have noticed lately that many more spam messages are making it into my inbox. Are the spammers getting smarter in getting around the processes that used to send most of these messages to quarantine. As an aside, I quickly scan these quarantined messages each day to see if any “mistakes” have occurred, but this rarely happens.

Comments are closed.