Comments on: Targeted e-mail attacks spoof DOJ, business group

Security expert says latest attacks part of an escalating problem. Availability of toolkits, rise of social networks are making it easier for phishers.
Images: Customized e-mail attacks

Add a Comment (Log in or register) (7 Comments)

SCR Files?!?
by Orwellian November 20, 2007 12:25 PM PST: Who the hell is still allowing .SCR files to pass through their systems? Any halfway decent mail gateway can scan inside ZIP files and should be dropping these at the edge, the DOJ email should be a non-issue. Poor IT management if you ask me.; Like this Reply to this comment

User Ignorance/Lack of Common Sense
by `WarpKat November 20, 2007 3:15 PM PST: This is why you see reports about OS' being hijacked - and it's something that was underscored with the Windows XP (non-SP2) hack discussion.

User education about computers in general, including security practices, is SOOOOOOOOOOOOOOOOOOO non-existent that it allows things like this to occur.

You don't HAVE to be a computer know-it-all - but you do have to have SOME knowledge coupled with common-sense.

Knowledge of how to update one's operating system and anti-virus...

...and the common sense to frequently get off one's lazy butt to do it...; Like this Reply to this comment

"Spoofing"

by spothannah November 21, 2007 4:06 AM PST

The author of this story choose a word "spoofing" which has conotations. I would ask the author if the conotations of "spoofing" are appropriate in this case. Journalism is getting a reputation that it may not want. It must hold closely to the ideals that have made it trustworthy in the past.
I would like to hear/read the author's comments about this. Thank you.

Like this Reply to this comment

Please clarify your comment
by KevinK November 21, 2007 11:25 AM PST: I am not sure I understand your objection to the term "spoofing" - in this instance it seems like the right choice of words.

Spoofing in this context implies an email that appears to come from a specific source but actually doesn't. The term is widely used to refer to any email that represents to come from one source, like say a bank or government agency, but actually comes from a scammer. Spoofs may contain links to spoofed sites which demand sensitive personal information or viral/trojan/worm payloads that compromise a machine and frequently personal information.

You might want to take a look at wikipedia or similar for more on this common usage of the term.; Like this

Well ...
by NoVista November 21, 2007 6:21 PM PST: Could you give me a list of a few words without conntations?

Then we can play 'Interpretation and Over-interpretation' OK?; Like this

Can this affect macs?
by Lukfire43 December 3, 2007 12:25 PM PST: I opened the ZIP file that the .scr file came in but I did not open the
.scr file. Am I at risk? Should I format just incase? Am I paranoid -
yes.

Thank you
Mac OS X 10.5.1; Like this Reply to this comment


by malcolm.hansen2 February 12, 2009 10:10 AM PST: allowing .SCR files to pass through systems is dangerous.; Like this Reply to this comment

(7 Comments)

Latest tech news headlines

New Apple ads to Verizon: Can Droid do this?
Posted in Technically Incorrect by Chris Matyszczyk

November 23, 2009 5:45 PM PST
Charlie the robot joins rest home staff
Posted in Crave by Leslie Katz

November 23, 2009 5:17 PM PST
Millions using social media on Xbox Live
Posted in Geek Gestalt by Daniel Terdiman

November 23, 2009 5:02 PM PST
See all headlines