Hi guys, In light of recent ransom ware attacks an interesting read on the issue: http://www.symantec.com/content/en/us/enterprise/media/security_response/ whitepapers/ISTR2016_Ransomware_and_Businesses.pdf The spammers/hackers have gone a step further and I now get suspicious emails containing zip and doc files from African names. Regards, Alex
Get those mails almost daily... simple delete ! Regards, Alvin Ochola On 10 November 2016 at 11:00, Alex Ngatia via skunkworks < skunkworks@lists.my.co.ke> wrote:
Hi guys,
In light of recent ransom ware attacks an interesting read on the issue:
http://www.symantec.com/content/en/us/enterprise/media/ security_response/whitepapers/ISTR2016_Ransomware_and_Businesses.pdf
The spammers/hackers have gone a step further and I now get suspicious emails containing zip and doc files from African names.
Regards,
Alex
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
I get those and just keep them in a safe somewhere! On 10 November 2016 at 11:00, Alex Ngatia via skunkworks < skunkworks@lists.my.co.ke> wrote:
Hi guys,
In light of recent ransom ware attacks an interesting read on the issue:
http://www.symantec.com/content/en/us/enterprise/media/ security_response/whitepapers/ISTR2016_Ransomware_and_Businesses.pdf
The spammers/hackers have gone a step further and I now get suspicious emails containing zip and doc files from African names.
Regards,
Alex
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
If anyone still has client-based email software collecting emails, be very suspicious of ALL emails with attachments. Why not set up a filter to forward any email with an attachment to a gmail account, and then pick the attachment from there. Google will sanitise your attachments - and you don't have to use this gmail account for sending, so you can still use your corporate email for sending/replying to genuine mails. Just an idea ;) Cheers, Tony On 10/11/2016, Alex Ngatia via skunkworks <skunkworks@lists.my.co.ke> wrote:
Hi guys,
In light of recent ransom ware attacks an interesting read on the issue:
http://www.symantec.com/content/en/us/enterprise/media/security_response/ whitepapers/ISTR2016_Ransomware_and_Businesses.pdf
The spammers/hackers have gone a step further and I now get suspicious emails containing zip and doc files from African names.
Regards,
Alex
-- Tony White
Thank you for sharing this. I can relate how annoying these emails have been in the last couple of months. Been doing some research on mitigating this at our organisation. We currently have exim+spamassassin+clamav setup on our MX. A bit of googling lead me to the links below and implementing them has significantly assisted in blocking majority of these email attachments. I am sure there are hacks for other *nix MTAs. Hoping this info will be useful other email admins. [1] https://github.com/Exim/exim/wiki/ExiscanFilenameBlocking [2] https://github.com/extremeshok/clamav-unofficial-sigs Cheers. On 10 November 2016 at 12:37, Tony White via skunkworks < skunkworks@lists.my.co.ke> wrote:
If anyone still has client-based email software collecting emails, be very suspicious of ALL emails with attachments.
Why not set up a filter to forward any email with an attachment to a gmail account, and then pick the attachment from there. Google will sanitise your attachments - and you don't have to use this gmail account for sending, so you can still use your corporate email for sending/replying to genuine mails.
Just an idea ;)
Cheers, Tony
On 10/11/2016, Alex Ngatia via skunkworks <skunkworks@lists.my.co.ke> wrote:
Hi guys,
In light of recent ransom ware attacks an interesting read on the issue:
http://www.symantec.com/content/en/us/enterprise/ media/security_response/ whitepapers/ISTR2016_Ransomware_and_Businesses.pdf
The spammers/hackers have gone a step further and I now get suspicious emails containing zip and doc files from African names.
Regards,
Alex
-- Tony White
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, David
participants (5)
-
Alex Ngatia -
Alvin Ochola -
David Njuki -
Odhiambo Washington -
Tony White