| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <000e01c40637$7c44d430$0100000a@MOTHER> From: yossarian at planet.nl (yossarian) Subject: Hey, ya! =)) Well, they do give social engineering a try I got: Hello user of Planet.nl e-mail server, Our antivirus software has detected a large ammount of viruses outgoing from your email account, you may use our free anti-virus tool to clean up your computer software. For more information see the attached file. For security purposes the attached file is password protected. Password is "71643". aMMount? ----- Original Message ----- From: "madsaxon" <madsaxon@...ecway.com> To: <full-disclosure@...ts.netsys.com> Sent: Tuesday, March 09, 2004 5:58 PM Subject: Re: [Full-Disclosure] Hey, ya! =)) > At 09:12 AM 3/9/2004 -0600, jeremy@...tin.ibm.com wrote: > >Any virus that is inside a password protected zip file, and that > >requires the user to type in the password should never have made it to > >it's 2nd/3rd infection. This one is social engineering at it's > >finest.. "Ooooh, a password, what's inside must be secret!" :^) > > I can't really think of any legitimate reason to pwd-zip > an attachment and then include the pwd in plain text in the > body. I think it's safe to assume that any such message is > malware and discard it as far up the chain as possible. > > m5x > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists