Malware Education



Many organizations deploy anti-spam and anti-virus technologies. While these technologies help to protect the network, many of them are signature based, meaning that someone has already identified the malware and written a way to recognize it in order to block it. This is a popular method of protection, but it has the drawback that the piece of malware entering your system may be newer than the signature file.

Security professionals know that maintaining a secure environment means more than configuring a firewall. Security is an ongoing process, and awareness through education for all users is a significant factor in protecting the systems and data of the organization.

ESubnet is providing the document below “Dissecting Malware Email - Understanding how to identify bad email” free of charge so that people may learn the signs to look for in a potentially harmful email.


A sample from the article

3. How You Can Help

The first step in helping your organization remain malware free is to pay attention to the emails you open, especially those with attachments.
  1. Look at the sender address: does it make sense that you would be receiving the email from this sender?
  2. Look at the message body: do the words make sense, and while they may be spelled correctly, are they the correct words within the context?
  3. Look at the headers: In Microsoft Outlook 2003 the headers are available for an email under View and then select Options. In Outlook 2010 you must first open the email and then find View and select Options.
  4. Your IT department needs these headers to diagnose problems, just as I did above with the example email. Include them in any email you forward to the helpdesk.
  5. Do not open the attachment.


By remaining vigilant, curbing your curiosity and being just a little paranoid you can help to protect the safety and integrity of your firm.
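The sender and header checks in steps 1 and 3 can also be scripted by a helpdesk. The following is an added example, not part of the eSubnet document: it parses a constructed sample message with Python's standard `email` package, compares the From domain with Return-Path and Reply-To, and lists attachment names without decoding them. The function names `domain` and `triage` and every address in the sample are assumptions made for illustration.

```python
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample message; every address, host and IP here is made up.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from unknown (HELO mailer.example.net) (203.0.113.7)
    by mx.yourfirm.example; Mon, 15 Aug 2011 09:12:44 -0400
From: "Parcel Service" <tracking@parcel.example.com>
Reply-To: claims@freemail.example.org
To: user@yourfirm.example
Subject: Your package could not be delivered
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please to open the attached invoice for receive your parcel.
--b1
Content-Type: application/zip; name="invoice.zip"
Content-Disposition: attachment; filename="invoice.zip"
Content-Transfer-Encoding: base64

AAAA
--b1--
"""

def domain(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    addr = parseaddr(str(header_value or ""))[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def triage(raw):
    """Summarise sender headers and attachment names without opening anything."""
    msg = message_from_string(raw, policy=policy.default)
    from_dom, findings = domain(msg["From"]), []
    for name in ("Return-Path", "Reply-To"):  # step 1: does the sender make sense?
        dom = domain(msg[name])
        if dom and dom != from_dom:
            findings.append(f"{name} domain {dom} differs from From domain {from_dom}")
    for part in msg.iter_attachments():  # step 5: list names only, never decode
        findings.append(f"attachment present: {part.get_filename()}")
    # step 3: the Received chain is what the helpdesk reads to trace the path
    return {"from": from_dom, "received": msg.get_all("Received", []), "findings": findings}

if __name__ == "__main__":
    for line in triage(SAMPLE)["findings"]:
        print(line)
```

A domain mismatch is a prompt to look closer rather than proof of malware, since legitimate bulk mailers often use a different Return-Path domain.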



This sort of malware email has been seen coming from Revenue Canada, FedEx, and UPS.

Get the free educational document here - ESUB-Dissecting_Malware_Email

Originally published Aug, 2011


