7 Replies - 829 Views - Last Post: 16 February 2010 - 11:35 AM

#1 X@MPP  Icon User is offline

  • 僕わ馬鹿ですね?
  • member icon

Reputation: 36
  • View blog
  • Posts: 1,014
  • Joined: 20-February 09

Beware of emails coming from government domains! WTF?

Posted 15 February 2010 - 05:25 PM

My aunt Recently emailed me a memo from her I.T Department
i want want to know what you have to say

Quote

Date: Mon, 15 Feb 2010 14:42:24 -0500
Subject: Beware of emails coming from government domains!



I got this from out IT department. You probably already Know about it, but just in case...


Beware of emails coming from government domains! Recently, a campaign has been detected by government officials that is designed to trick computer users into clicking on a malicious link. Clicking on this link will cause your workstation to become infected with the Zeus malware.



Zeus has been used to extract login credentials, banking information and email addresses. The emails that you should be alert to come from the following spoofed sender domains:

* cia.gov
* nsa.gov
* state.gov

The emails have subjects similar to the following:

* RE: National Intelligence Council
* Report of the National Intelligence Council
* United Nations New Centre
* National Intelligence Council
* Intelink Metrics Database

Some emails may come through with “.com” rather than “.gov”.



Our recommendations are:

* Do not trust unsolicited email; simply delete it.
* Do not click links and attachments in unsolicited email messages – that’s often where the viruses are.
* Contact the IT Service Desk at 7378 if you have received any suspicious emails or think you have a virus on your workstation.


Is This A Good Question/Topic? 0
  • +

Replies To: Beware of emails coming from government domains! WTF?

#2 Raynes  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 611
  • View blog
  • Posts: 2,815
  • Joined: 05-January 09

Re: Beware of emails coming from government domains! WTF?

Posted 15 February 2010 - 06:40 PM

I think I'm smart enough to not trust such things.
Was This Post Helpful? 0
  • +
  • -

#3 Sethro117  Icon User is offline

  • Still the sexiest mofo.
  • member icon

Reputation: 236
  • View blog
  • Posts: 2,378
  • Joined: 14-January 09

Re: Beware of emails coming from government domains! WTF?

Posted 15 February 2010 - 07:02 PM

Because you probably dont deal much with the government. Someone though who has applied to those agencys, or works for a company who is involved with those agencys probably wouldnt think nothing of it. The .com however would be a dead giveaway if one came through like that.
Was This Post Helpful? 0
  • +
  • -

#4 baavgai  Icon User is offline

  • Dreaming Coder
  • member icon

Reputation: 5795
  • View blog
  • Posts: 12,628
  • Joined: 16-October 07

Re: Beware of emails coming from government domains! WTF?

Posted 15 February 2010 - 07:10 PM

It's a common misconception that the "from" in an email is somehow validated. It is not.

If you fashion an email yourself, you can have the from be anything. There's even a handy reply-to field as well, so you can get the mail back that comes from a bogus source.

So, if you're going to spoof a from, and you're a conman, what do you choose? Choose something people will trust. Simple.

The email is misleading, though. Don't click on links from anyone. If you're tempted, make sure the name matches and doesn't go simply to an IP address or something like www.idiotmarks.ru
Was This Post Helpful? 0
  • +
  • -

#5 jjsaw5  Icon User is offline

  • I must break you
  • member icon

Reputation: 90
  • View blog
  • Posts: 3,060
  • Joined: 04-January 08

Re: Beware of emails coming from government domains! WTF?

Posted 15 February 2010 - 08:01 PM

There are very few things I receive via e-mail that I believe. Probably the best class I took in college was a Cyber-Crime class. But that you for posting this, it's always good to let others know about these types of scams!
Was This Post Helpful? 0
  • +
  • -

#6 Smurphy  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: 35
  • View blog
  • Posts: 367
  • Joined: 07-July 08

Re: Beware of emails coming from government domains! WTF?

Posted 15 February 2010 - 08:04 PM

One way to check if these are fake is to look at punctuation, grammar and spelling. Recently, on a security now podcast, they were talking about an false email being sent out by a guy claiming to be from UPS.
The host then proceeded to talk about the bad spelling and grammar, which is a dead give away.
Was This Post Helpful? 0
  • +
  • -

#7 AdamSpeight2008  Icon User is offline

  • MrCupOfT
  • member icon


Reputation: 2250
  • View blog
  • Posts: 9,432
  • Joined: 29-May 08

Re: Beware of emails coming from government domains! WTF?

Posted 15 February 2010 - 08:11 PM

It'll make a change from them (The Government) incepting my electronics communications.
Was This Post Helpful? 0
  • +
  • -

#8 woodjom  Icon User is offline

  • D.I.C Addict
  • member icon

Reputation: 29
  • View blog
  • Posts: 549
  • Joined: 08-May 08

Re: Beware of emails coming from government domains! WTF?

Posted 16 February 2010 - 11:35 AM

i love it when they use a UTF16 translator from a character language (Arabic, Hebrew, Asian). Cuase if i remember right, they dont use spaces in the same fashion as latin-based languages. As such, most of them end up having words that are like 1024 characters long even though they are supposed to have intermitten spaces between the words.

Problem is our brain is smatter than we think. Alot of times we will read a word that is blatantly mispelled and still read it as a correctly spelled word, the first time through. I read everything twice and slow, to make sure my brain isnt confusing me into thinking im reading a word that is misspelled severly bad.

I have gotten all kinds of government emails....hell even got one from the FBI saying, "you have 56,000,000$ in a Nigerian bank waiting for your approval, just give us your name, address, ssn (for validation of course), bank rtn, and the name of your first born, just so we can validate you are who you are. Screw that, you can have my first born, but not my ssn or bank rtn ;)
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1