Undeliverable Items in Your Mailbox?

Undeliverable
Fake returned message

Why was it marked Undeliverable?

  • You typed in the address wrong
  • the email address has been deleted
  • the person’s mailbox is full
  • their server is down

When you get it returned to you marked “Undeliverable”, it will have a long set of details from the “postmaster” on the server. You will need to check the address or wait for the person to make some space in their mailbox.

However, this is being used to send spam and phishing emails.

The images here are of an email I received that I supposedly sent and has been returned.

Why this is fake!

  • The postmaster address is fake. I checked and the website doesn’t exist.Undeliverable2
  • I didn’t send anything to redwingshoes.onmicrosoft.com or vasque.com
  • It has weird attachment names – What in the world is “anticommunist definability mulch”? I probably don’t want to know.
  • It is full of useless information about how to fix the problem.
  • They simply want you to either reply or click on the attachments.

DON’T DO IT.

 

 

What to do.

Delete the message. Then remove it from your deleted folder if possible.

Undeliverable1

Don’t

  • Open any attachments.
  • Click to download images if they have been blocked.
  • Reply to the message.
  • Send an email to anyone in the message.
  • Forward to anyone.

Email safety

Check out these links regarding safe and secure email practices.

http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201407_en.pdf

https://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201302_en.pdf

 

View the full text version of the email I received: Undeliverable text version

 

Another Flash Player Update – Get It Now!

You might be one of the 1.3 billion users of Adobe Flash Player. If so are you up to date?

Another Flash Player update was just released, the 20th in the past year. This one fixes a flaw that is already being exploited, and you could be next.

So if you have Adobe Flash Player you need to keep it up to date.

Do I have Adobe Flash Player?

Likely you do. Here’s how to check. Open your browser and go to https://helpx.adobe.com/flash-player.html

If you open in Chrome you will get this:Flash Player Update

As you can see Flash Player is installed in Google Chrome (by default). As of this writing the Flash Version is up to date, 16.0.0.305.

Flash Player Update

If it is not up to date you can go to Customize and Control Google Chrome in the upper right hand corner, and click About Google Chrome. As it opens it will check for updates and let you know if you need to update.

Learn more about updating Google Chrome here.

Although you can’t remove Flash Player from Google Chrome, you can disable it.

Simply enter chrome://plugins/ in the address bar and scroll down to Adobe Flash Player and disable it.

This makes it easy to reverse if you need to use it later.

For Internet Explorer in Windows 8/8.1 go to Flash Player Updatethe settings gear in the upper right hand corner and click Manage Addons.

Click on Show >All Addons.

Find Shockwave Flash Object and disable.

Flash Player Update

In Windows 7 and earlier you can disable Flash Player as above or remove it completely. The best way is to use the uninstaller. It and instructions can be found here.

If you don’t need it at least disable it and if you do need it make sure it is up to date. Either set it up for automatic updates, or at least heed the prompt when it tells you of a new version.

 

 

Another Browser Hijacker

Read this story about another, although poorly done, browser hijacker attempt that may appear in your browser.

There is a lesson here. Be sure you can trust a site before you click on it.

This site was apparently compromised and the malicious link added. You can receive the same sort of malware in an email.

As noted in the article, you may be able to clear the problem by rebooting, or repeatedly clicking “Leave this page”.

Be especially careful if there seems to be no real connection to the website and the information you are looking for. Be smart. Stay safe!

https://isc.sans.edu/diary/Simple+Javascript+Extortion+Scheme+Advertised+via+Bing/18337

Browser Hijacker

This fake cyber crime warning may appear on your screen. Browser Hijacker

Cyber Crime – Actually You are a Target

 Are You Safe From Cyber Crime?

A common misconception many people have is that they are not a target for cyber crime: that Cyber Crimethey or their computers do not have any value. Nothing could be further from the truth. If you have a computer, mobile, device, an online account, email address, credit card or engage in other type of online activity, you are worth money to cyber criminals.

Read the April Newsletter from SANS Securing the Human for tips on protecting yourself.

Yes, You Actually Are A Target

Visit Sans Securing the Human

for monthly newsletters.

 

Internet connected appliances could be compromising your security

(From CNN) — It’s bad enough that we have to fear identity thieves who are trying to scam us with malicious messages sent from PCs.beautiful refrigerator

We now must worry about being targeted by our household appliances, as well.

An Internet-security firm has discovered what they are calling a global cyber attack launched from more than 100,000 everyday consumer gadgets such as home-networking routers, televisions and at least one “smart” refrigerator.

If you have internet connected appliances, do you like them? Have you had any problems? Any words of advice for others?

If you don’t have internet connected appliances, tell us why not in the comments section below.

Read the article here

Hacking

Don’t Unzip Dangerous Zip Files

Mailbox messages with dangerous zip files.

These can appear in your mailbox disguised as a legitimate fax from a reputable company, in this case Xerox. . In fact, the link to Xerox is valid and will send you to their website. However, the same cannot be said about the attachment. Although innocent looking, it may contain dangerous zip files. A zip file can be used to get past email filters that will not allow an executable file to be delivered. This can properly be used to send a legitimate file to someone.

An Email with a Dangerous Zip File

Dangerous Zip Files
An email like this can contain malicious code that can cost you your identity.

What are the clues that indicate that this email may contain dangerous zip files? Continue reading Don’t Unzip Dangerous Zip Files

Phishing Email Experian

This is an example of a phishing email.  It came with an attached ZIP file which as you see below  claims to contain a key change to your credit report, but will no doubt contain malicious code. The usual purpose of this a phishing email is to either get your personal information or install a rogue program on your computer.

A warning from Experian is here. Also note that the attachment may not be picked up by malware or anti-virus scanners, but that doesn’t mean it is safe,SO DON’T OPEN IT!

A phishing email can be very well disguised. The corporate logos can be found and copied and email links can appear to be from the company, but lead to the phishing site.

Always be cautious and realize that legitimate companies will not ask for personal information, nor will they supply a link in an email, but rather ask you to log into their site directly from your browser and check your account.

If you receive an unexpected email with an attachment be very suspicious.

 

Text from Phishing email shown below.

This email was sent because it contains important information about your account. Please note that if you have previously unsubscribed from Experian.com, you will no longer receive newsletters or special offers. However, you will continue to receive email notifications regarding your account. To ensure that you’ll receive emails from us, please add support@exprpt.com to your address book.
Experian
Membership ID #780313491
A Key Change Has Been Posted to One of Your Credit Reports
A key change has been posted to one of your three national Credit Reports. Each day we monitor your Experian®, Equifax and TransUnion Credit Reports for key changes that may help you detect potential credit fraud or identity theft. Even if you know what caused your Report to change, you don’t know how it will affect your credit, so we urge you to do the following:
View detailed report by opening the attachment. Phishing
You will be prompted to open (view) the file or save (download) it to your computer.
For best results, save the file first, then open it in a Web browser.
Contact our Customer Care Center with any additional questions.
Note: The attached file contains personal data.
Your Experian.com membership gives you the confidence you need to look after your credit. We encourage you to log-in regularly to take full advantage of the benefits your membership has to offer, such as unlimited access to your Credit Report and Score Tracker. Notifications like this are an important part of your membership, and in helping you stay on top of your credit.
*If it has been less than thirty days since you joined Experian.com, your monthly credit statement includes your information for the period of time you have been enrolled.
freecreditreport.com

 

6647-100345-33-1003

Social Networking Safety

Social Networking Computer Key Showing Online CommunitySocial Networking is a right of passage for many. It is part of everyday life. But there are concerns and cautions that should be part of your social networking activity. Read the March Ouch! newsletter to find out how to stay safe.

If there is a choice, use HTTPS. Many sites like google and Facebook either use it by default or give you the choice. To learn why that’s important, read about HTTP vs. HTTPS here.

Social Networking Settings

Facebook has a number of settings that govern what will be seen by others and what is private.

On the privacy tab, you can change who can see your “stuff”, like your posts. They can be public, Friends,  only Me, Close Friends, Family or a custom setting.

You can change the settings on the older posts as well.Social networking_shocked-screaming-young-woman_sizeXS

You can also choose who can see your email address or phone number, to contact you. You can choose Friends, Friends of friends, or everyone.

You can also choose whether search engines can link to your timeline.

The same is true with other social networking. You need to consider carefully what you put on the site, and who you allow to see it.

And remember, a secret may only be a secret until you tell ONE person, then you may lose control over who else gets to know. So be careful what you post. The whole world might be looking.

Similar setting choices are available on Twitter, Linkedin, Pinterest, MySpace, Google Plus+, deviantART and many other sites.

Be sure you know how to protect your privacy  and have fun with your Social Networking.

http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201303_en.pdf

Security Software Designed to Protect You and Your Computer

Security SoftwareSecurity Software

Here is a list of security software and other great programs that I use both for daily operation of my computer and for troubleshooting problems.
Keep checking this post as it will be expanded over time.

Malwarebytes Anti-Malware
Vipre Internet Security
CCleaner
OpenDNS
Continue reading Security Software Designed to Protect You and Your Computer