On a related note...
Here is an interesting story that was e-mailed to me:
Don't Get Caught in a "Phisherman's" Net!
March 31, 2004
--------------------------------------------------------------------------------
During 2003 and early 2004, law enforcement authorities, businesses, and Internet users have seen a significant increase in the use of "Phishing". "Phishing" is a general term for criminals' creation and use of e-mails and websites - designed to look like e-mails and websites of well known legitimate businesses, financial institutions, and government agencies - in order to deceive Internet users into disclosing their bank and financial account information or other personal data such as usernames and passwords. The "phishers" then take that information and use it for criminal purposes, such as identity theft and fraud.
A growing number of phishing schemes are using for illegal purposes the names and logos of legitimate financial institutions, businesses, and government agencies in North America, Europe, and the Asia-Pacific region. One industry organization, the Anti-Phishing Working Group (www.antiphishing.org), has reported that in January 2004, there were 176 unique phishing attacks reported to it - an increase of more than 50 percent over the number of reported phishing attacks in December 2003.
Ultimately, people who respond to phishing e-mails, and input the requested financial or personal information into e-mails, websites, or pop-up windows, may be putting their accounts and financial status at risk in three significant ways.
First, phishers can use the data to access existing accounts of those Internet users, and withdraw money or buy expensive merchandise or services.
Second, phishers can use the data to open new bank or credit-card accounts in the victims' names, and use the new accounts to cash bogus checks or buy merchandise. If the phishers open those new accounts with the victims' names, but use addresses other than the victims', the Internet users may not realize that they have become victims of identity theft until they are contacted by creditors or they check their credit reports.
Third, some recent phishing schemes have involved the use of computer viruses and worms to disseminate the phishing e-mails to still more people.
The U.S. Department of Justice recommends that Internet users follow three simple rules when they see e-mails or websites that may be part of a phishing scheme: Stop, Look, and Call.
1. Stop. Phishers typically include upsetting or exciting (but false) statements in their e-mails with one purpose in mind. They want people to react immediately to that false information, by clicking on the link and inputting the requested data before they take time to think through what they are doing. Internet users, however, need to resist that impulse to click immediately. No matter how upsetting or exciting the statements in the e-mail may be, there is always enough time to check out the information more closely.
2. Look. Internet users should look more closely at the claims made in the e-mail, think about whether those claims make sense, and be highly suspicious if the e-mail asks for numerous items of their personal information such as account numbers, usernames, or passwords. For example:
If the e-mail indicates that it comes from a bank or other financial institution where you have a bank or credit-card account, but tells you that you have to enter your account information again, that makes no sense. Legitimate banks and financial institutions already have their customers' account numbers in their records. Even if the e-mail says a customer's account is being terminated, the real bank or financial institution will still have that customer's account number and identifying information.
If the e-mail says that you have won a prize or are entitled to receive some special "deal," but asks for financial or personal data, there is good reason to be highly suspicious. Legitimate companies that want to give you a real prize don't ask you for extensive amounts of personal and financial information before you're entitled to receive it.
3. Call. If the e-mail or website purports to be from a legitimate company or financial institution, Internet users should call or e-mail that company directly and ask whether the e-mail or website is really from that company. To be sure that they are contacting the real company or institution where they have accounts, credit-card accountholders can call the toll-free customer numbers on the backs of their cards, and bank customers can call the telephone numbers on their bank statements.
Taken from the "Special report on Phishing", by the Criminal Division of the U.S. Department of Justice