Social Engineering (was Re: [Mimedefang] survey: dropping password protected file)
David F. Skoll
dfs at roaringpenguin.com
Fri Mar 5 11:30:00 EST 2004
On Fri, 5 Mar 2004, Paul Whittney wrote:
> I can see a point where the emails come in saying:
> "You need to run the file we have sent, please save this file to disk,
> rename setup.txt to setup.zip, double click on it, enter the password
> 12345, and run setup.exe".
Right. The amount of social engineering to get the encrypted viruses
to spread was pretty high, higher than I thought would enable spreading.
But they spread anyway.
At some point, we will have to secure our desktops, and that basically
means trashing Windoze. Even on Linux/UNIX, we'll have to mount /home
and /tmp noexec to protect novice users from themselves.
--
David.
More information about the MIMEDefang
mailing list