Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Brace Yourselves (and your Users / Clients) for Heartbleed SPAM - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Brace Yourselves (and your Users / Clients) for Heartbleed SPAM

I started getting emails yesterday asking me to change passwords on services I do not have accounts on - complete with helpful links - back-ended by malware and/or credential harvesting of course

Just a few minutes ago, I also received a legit email along the same lines, from a security organization.  Unfortunately, they also included links (OOPS), this time legit links, but that's still a big miss on their part.

It's worth a reminder to your user community, clients and even family if you support their machines (and bad computing habits) also. 

Helpful emails with links in them are in most cases NOT helpful.  Don't click that link!

If it's legitimate, and especially this week, by all means browse to the affected site and change your password.  That's always a good idea.  But following an email link to a password change page is a good way to get your credentials stolen, or a good way to pick up a nice "gift" of malware.

 

===============
Rob VandenBrink
Metafore

Rob VandenBrink

469 Posts
ISC Handler
I wonder if most people really see much in the way of social engineering spam, or spam in general anymore.

Security researchers may have promiscuous email configurations due to their interest in such things.

While I don't use web-mail and benefit from Google's impressive filtering, my MTA hard-bounces all spam based on origin network. About one slips through every two months, usually because a corporate email account was hacked. Just got the second UCE for 2014 from Pepsico.
Anonymous

Sign Up for Free or Log In to start participating in the conversation!