[Lilug-si-sig] Email Security Tips and Analysis
Lee Wilbur
leew at multiverseit.com
Wed Nov 23 12:29:37 PST 2016
Hey folks,
I got an email earlier today that was friendly and, more so than anything else in recent memory, looked like something important that was actually bad. It suggested that the sender was having trouble contacting me off the phone number on my business card and wanted me to check it... a few seconds of thought and the link proved it was malicious, but especially for folks who attend conferences and give out a lot of business cards, the gut reaction can be to click away...
So I thought about this and wrote an e-mail to several friends and clients reminding them, as the holiday season approaches, to be vigilant and remember that no protection system is 100% and sometimes, very legitimate looking emails can be very bad.
In addition, one of the lists I mailed with this suggestion had Susan Bradley reply with a useful series of web sites if you want to know and understand what these malicious things can do.
You might find these sites useful:
https://www.virustotal.com/
https://www.reverse.it/ - copy and paste the URL here - it will download and analyze what it is, what it does, and could have done - for run (or curiosity) check your spam and give it a shot
http://www.cuckoosandbox.org/ - malware analysis system you run on your own systems (Haven't tried it)
The others below seem to be variants of the above, but potentially useful nonetheless.
http://urlquery.net
http://csi.websense.com/
https://malwr.com/submission/
https://www.phishtank.com
https://www.hybrid-analysis.com/
https://www.metadefender.com/#!/scan-file
Happy Thanksgiving!
-Lee
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lilug.org/pipermail/lilug-si-sig-lilug.org/attachments/20161123/4f73e7e2/attachment.htm>
More information about the Lilug-si-sig
mailing list