|
Posted by Sanjaya on April 24, 2006, 6:42 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Sanjaya wrote:
> > A the son of a friend of mine had his computer majorly screwed with when
> > he clicked a seemingly innocuous link in a spoofed email.
> >
> > Holding the cursor over the email link shows this is the status bar
> > javascript:dl('http://www.***search.net/test');
> >
> > I have substituted asterisks for 3 letters in the fake link.
> > The email shows what appears to be a real link to
> > http://www.***search.net/test
> > but a right click/"copy link" gives the result showing javascript
> > (that is a paste of what actually copied)
> >
> > I don't know how to explain it to them properly.
> > Any suggestions?
> >
> > The missing letters are a 3 letter word for feline if anyone's interested.
>
> Well looking at a Google search of the web address it rings some alarm
> bells; "adult" sites often serve up viruses, spyware or computer exploits.
>
> What has probably happened is that their email client was told to download
> a malicious program from a web site at the above address. It may have
> required a user to click on the link or could have had code inside the
> email which triggered it.
>
> They should use a more secure email program (Thunderbird has a good track
> record so far), should *never* read email in HTML mode and absolutely must
> keep their operating system up-to-date with the latest security updates.
>
Thanks.
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map