Jump to content

Virus/Ransomware/Locky


RV_

Recommended Posts

I usually don't make a point of talking about the many attempts to infect my systems I see defeated but in the last month I got at least five infected emails that are caught and removed by my several layers of protection including my email provider.

 

This one just came in pretending to be a UPS notice of a shipping problem. It read:

 

Parcel #09312848 shipment problem, please review

USPS Ground Support xxxx@xxxx-web.de

Sent: Sun 1/1/2017

To: RV@mydomain.com

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

This email was infected with a virus: 'Virus/Ransomware/Locky'.
The content of this message has been removed for your protection.

 

End of copied infected and cleaned message. I changed the email to xx and my email but left the .de at the end which tells me it was from, or routed through, a domain in Deutschland. (Germany) So why would a UPS message for a delivery in the US come from Germany? See, it gave it away.

 

I have never seen so many personal ransomware and other attacks as in the last year. None have succeeded. And we know better than to click on wild email attachments from the FBI, the CIA, Various Princes and other treasure holding entities, and no naked pics.

 

If you have been infected I would consider who your email provider might be and your onboard defense systems in each computer and phone you own. I use Windows defender which has been rated as good as any now, and as backup Malwarebytes Premium on all my home systems, I bought six lifetime licenses before they turned into annual subscriptions and they have been great about it. Malwarebytes is the only software designed for real time scanning of activities side by side with most other anti malware programs.

 

We never fall for the threat full looking and scary, nor the "YOU WON! emails and they are sent to spam and the domains blocked as spam permanently.

 

Assuming you have Windows Defender and free Malwarebytes, or any rated antimalware program that you keep up to date and allow to update daily at a minimum, today we usually have to open an attachment or link from an unknown or spoofed source to get infected. Even Windows is hardened to the point malware depends on people being fearful and greedy, personally needy, and ethically seedy, such that they cannot resist the lure of too good or bad to be true, and click.

 

Safe computing!

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire

Link to comment
Share on other sites

RV

 

I got one of those the first part of December only it was from DHL. I knew I had nothing coming from or shipped by DHL and called DHL. They said yes it was a scam and do not open it. Anymore you really need to pay attention to each and every e-mail you receive before opening it.

 

Happy New Year RV

 

Dennis

USA Master Sergeant Ret.

Link to comment
Share on other sites

I have not got one of those in about a yr or so. Guess i'm over due. But not to hi-jack the thread but 2 of my customers got scammed by clicking on a fake website notification that microsoft has detected a virus in there pc an to call this number. both called. one actually let them into there pc.put a Syskey password that customer didn't know. What a nightmare to fix, but i got it done.

2000 Itasca Horizon DP (Got Total During Irma). 

Vice President of Charlotte County Defenders LE MC

http://charlotte.defenderslemc.com/

Link to comment
Share on other sites

wildmandmc

 

I have seen the screen several times. I have never clicked on it but go right into shut down and start the whole cleaning process and have never had any problems with it. And the thing is it does not come in the form of a e-mail. You will be on a site or going to a site and bam there it is. The last time I got it I was searching for past federal SES pay scales and got hit with it. So it's not like you are going to shady sites and get it hit with it.

 

Dennis

USA Master Sergeant Ret.

Link to comment
Share on other sites

wildmandmc

 

I have seen the screen several times. I have never clicked on it but go right into shut down and start the whole cleaning process and have never had any problems with it. And the thing is it does not come in the form of a e-mail. You will be on a site or going to a site and bam there it is. The last time I got it I was searching for past federal SES pay scales and got hit with it. So it's not like you are going to shady sites and get it hit with it.

 

Dennis

 

I don't even take the time to go through shut down . I hit the power button immediately and then reestablish .

Goes around , comes around .

Link to comment
Share on other sites

Guys,

Those were cleaned before my email provider forwarded them to my system. There were no active links or pics in them or attachments to click on, open, or take to a malicious website. What you saw above was all they let through. A header and their message as to why the email was stripped was all I received. I got two more today and yesterday. I'm impressed with Suddenlink's email server security scans.

 

There also is an uptick from really stupid robocalls that try to tell us they are from car warranty and are giving us a last warning that our warranty is expired. When I say I want to speak to an agent it disconnects. How the heck can they make money on a scam they don't finish.

 

We know criminals are stupid. But these folks take the cake.

 

I just posted because a few folks here mentioned getting ransomware. It seems not all email services make the effort to keep malware from infecting their customers.

 

Just be safe folks, and keep your anti malware updated.

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire

Link to comment
Share on other sites

RV yup very few servers scan emails coming in. Even the one's that say scanned by such an such virus program, I wouldn't take that word as ok im good to go. As for websites (infected ones) IMO seems the ppl in charge behind the scenes are not to smart or they not sure of what to be looking for to keep the site safe for the general public.

2000 Itasca Horizon DP (Got Total During Irma). 

Vice President of Charlotte County Defenders LE MC

http://charlotte.defenderslemc.com/

Link to comment
Share on other sites

If you are using Outlook, just right click on the senders email name and click on "Open Outlook Properties" The email address will pop up. In most cases for these "You Have A Package", the email address will be bogus. It will not be from UPS or DHL etc.

 

NEVER EVER open an attachment unless you verify the sender. Even if it looks like your mom is sending you the email................it might be your long lost Russian mom!

RoyB

South of Boston

2021 Dodge 2500 - 6.4L

Forest River 19RR Toy Hauler

Roofnest Falcon Rooftop Tent

www.rvbprecision.com

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

RVers Online University

Giraffe G4.

mywaggle.com

campgroundviews.com

RV Destinations

Find out more or sign up for Escapees RV'ers Bootcamp.

Advertise your product or service here.

RVTravel.com Logo



×
×
  • Create New...