Reply to topic  [ 7 posts ] 
Not sure where this belongs 
Author Message
Site Admin
User avatar

Joined: Fri Apr 24, 2009 6:12 am
Posts: 7011
Location: Wiltshire
Reply with quote
A mate of mine who runs a small tourist attraction has got a problem.

Now I'm running blind on this as I don't know what kit he has but I'd guess windows based PC's and server. Its several hundred miles away so I cant readily check.

Their emial system sent out an email with an infected attachment to everybody n their email list. Yes sadly not an uncommon event.

To quote him
Quote:
With regard to this ‘new form’ spam mail – we have had a call back from a local business saying that they had their bank account hacked by someone in Austria following receipt of this spam email from us.

We have now cleared (we think) the messages from our servers and base computer – is there anything else we should be doing?


Any input would be appreciated.

_________________
<input type="pickmeup" name="coffee" value="espresso" />


Sat Jun 20, 2015 7:31 am
Profile WWW
What's a life?
User avatar

Joined: Thu Apr 23, 2009 7:26 pm
Posts: 17040
Reply with quote
Hard to say without seeing it, but the first one is 'get some inline virus scanning on their email server', which they appear not to have. And the obvious 'don't open attachments unless you expected to receive them'.

The macro-in-an-office doc malware IS a bitch to spot mind because it's actually quite hard to tell a malicious macro from a benign one. At our place we've been down to looking at them in hex editors to try to spot patterns.


Sat Jun 20, 2015 10:28 am
Profile
Site Admin
User avatar

Joined: Fri Apr 24, 2009 6:12 am
Posts: 7011
Location: Wiltshire
Reply with quote
any particular products you can recommend?

_________________
<input type="pickmeup" name="coffee" value="espresso" />


Sat Jun 20, 2015 12:57 pm
Profile WWW
What's a life?
User avatar

Joined: Thu Apr 23, 2009 7:26 pm
Posts: 17040
Reply with quote
It's rather hard to say without a lot more detail. There's basically two ways to do it - put a virus scanner on the email system itself or put a cloud based service in front of it - basically route all the email to it first then it passes the safe stuff on.

Without knowing who provides their email service and how its set up, recommending something would be throwing a dart while blindfolded...


Sat Jun 20, 2015 5:26 pm
Profile
Site Admin
User avatar

Joined: Fri Apr 24, 2009 6:12 am
Posts: 7011
Location: Wiltshire
Reply with quote
Cheers and I know the feeling.

_________________
<input type="pickmeup" name="coffee" value="espresso" />


Sun Jun 21, 2015 10:06 am
Profile WWW
Site Admin
User avatar

Joined: Thu Apr 23, 2009 5:53 pm
Posts: 8603
Location: location, location
Reply with quote
Malwarebyte scan the whole network.
Lock SMTP sending on the firewall to only come from the mail server.
Scan all emails in & out for infections.
Make sure SPF records are in place.

_________________
Support X404, use our Amazon link
Get your X404 tat here
jonlumb wrote:
I've only ever done it with a chicken so far, but if required I wouldn't have any problems doing it with other animals at all.


Mon Jun 22, 2015 11:31 am
Profile WWW
Site Admin
User avatar

Joined: Fri Apr 24, 2009 6:12 am
Posts: 7011
Location: Wiltshire
Reply with quote
cheers

_________________
<input type="pickmeup" name="coffee" value="espresso" />


Mon Jun 22, 2015 12:36 pm
Profile WWW
Display posts from previous:  Sort by  
Reply to topic   [ 7 posts ] 

Who is online

Users browsing this forum: No registered users and 16 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group
Designed by ST Software.