When is an e-card not an e-card?

When it’s a trojan or virus, of course. Some of you may have received the following email from me:

Hello,

I’m sending a quick email to a few friends/family just to alert about something I just noticed in my Gmail inbox.

I received an email that alleged itself to be from “GreetingCards.com” which is a respected Hallmark Cards site that happens, I think, to also allow you to send those cute e-mail postcards. The message says something like “someone who cares about you has just sent you a card. Click here to view it” (or something very similar (except “here” is underlined and an internet link).

Don’t click it. Especially if you’re using windows.

The link initiates a download to an ftp site and causes your computer to automatically run a .PIF file. This is the type of file that Windows uses to  run old-school MS-DOS programs. Lowly skilled and wannabe hackers use this to pass on viruses and the .PIF file itself is an executable Trojan.

I only sent this email because I *almost* clicked on it thinking it was really a greeting card. I realized that if I can almost be fooled (I like to think I’m pretty savy with a ‘puter), then some of my friends might not think to investigate the link a little closer.

I run a Linux operating system rather than Windows, so its likely that it wouldn’t have affected me in the least, but it will definately affect Windows users and possibly Mac (I don’t know if Macs handle .PIF files or not).

If you get an email like this, its always best to hover your mouse over the link and read the status bar at the bottom of FireFox, IE or Safari to see what the link resolves to. In this case, its a numeric IP and never a good thing to click. I already sent copies of the email to abuse@greetingcards.com and the ISP for the IP address.

And I was just thinking of sending you all a silly e-card when I got that….  🙂

Carl

I’m always an advocate of forwarding phishing emails and emails that clearly link to trojans (usually files with extensions like “.pif” or “.scr”) to the ISP or company that is being impersonated. This allows big corporations like Citi, Chase, Hallmark, etc to sic their IT pros on the issue and resolve problems a little quicker. There are methods they can take to eliminate fraud, phishing, and inadvertant hosting of harmful programs that shortens the lifespan of a given virus, worm, or trojan. And, the less lifespan these things get the less willing the no-good, low-life, wannabe hackers are to create or pass them on.

So, if you ever get an email that says its from Paypal, Citi, Chase, Bank of America, or any institution that handles your money which asks you to click a link to verify your contact information, don’t click that link unless you’re willing to load up your computer with spyware and answer questions that will let a bunch of theives call up the legitimate financial instutitions that you’re a client with to use that personal information against you. They need only your birthdate and last four of a social security number, or simply a mother’s maiden name to access all your banking info and make any changes they wish.

I know. I work for a bank (when I’m not an archaeology student).

What to do:
1) don’t click the links
2) hover your mouse over the links and look for IP addresses, different spellings (http://www. chasse.com), etc.
3) login to you bank’s website using the links provided on bank literature such as statements or the back of your credit card
4) call your bank, credit card or customer service for the institution through the number on your statement or card
5) ask them about the email -my bank usually knows about the latest phishing schemes within hours of them being started and gets daily updates to all customer service reps
6) forward a copy of the email to abuse@institution.com (where “institution” is the domain for your bank, etc. -i.e. abuse@ebay.com)

And there’s one other thing that I recommend for Gmail users:
7) click on the little down arrow in the email header just to the right of “reply” and you’ll find a list of options. One of these is “report phishing.” Doing this will send the email to Gmail and will improve Gmail’s spam/phishing filter for everyone else. Don’t believe me? If you have Gmail, click on “spam” along the left-hand sidebar and browse the messages Gmail catches!

Geeks and their Toys

I’m hooked. I’m an addict and I admit it.

It all began about one year ago when I caught my first episdode on PBS. Since then, I’ve sought out and watched each episode of Dr. Who (the modern series, that is).

And now I’ve found the perfect geek toy:

The Sonic Screwdriver!

Sonic Screwdriver

Okay… now I’m a real twit

I’ve just started using twitter (@cfeagans), and it seems interesting so far. Playing around with the new version of Ubuntu (Hardy Heron) and re-installing some of the apps and extensions I had before. It includes the new version of Firefox as one of its packages, which seems a bit quicker and less memory intensive. Apparently FF3 doesn’t pre-cache pages, which created a large memory footprint for FF2. Many of my old extensions no-longer work though. I miss my Blue Ice theme and some others, but so far no real regrets.

Poison ivy is killig my left hand at the moment, so not a lot of typing or blogging will happen in the next day or so… It’s killing me, too, since I’m feeling an urge to tackle some of the writing projects I’ve been thinking of recently and blogging on some archaeology and pseudeoscience topics. I’ve actually started a book on pseudoscience that discusses the kooks, cranks and nuts I’ve personally encountered on the web. I’m thinking of publishing direct to Kindle or Lulu (or both). If anyone has suggestions/tips regardng either, my ears are open.

Or, if anyone as tips on how to get rid of a poison ivy rash fast I’m also listening!

Finally! Some Time Off!

I’m officially on vacation for a week. Other than a couple of days at Sea World, San Antonio at the end of the week (if I can get a dog sitter), I’m not planning on an out of town trip. I’ll probably take the kid to a couple of local museums, sites, and hiking since its her spring vacation. I’ll try to get a few photos if I go to the Kimble… I’ve been meaning to do a post about artifacts and the ethics of museum acquisitions and the Kimble has some pre-Columbian artifacts on display that might make a good jumping off point.

I’ve also recently purchased a Nokia N800 internet tablet which I love! I won’t go into a lot of details about it here, since I decided to blog about it at Hot Cup of Joe Tablet! I know what you’re thinking: “Carl, you haven’t even blogged here in a coon’s age, so why are starting a new blog?” The answer is simple: I really don’t know. The motivation to write comes and goes in spurts with me and I think a new spurt is coming (jeez, did I really just type that?).

Anyway, I’ve a few posts I’m working on here already and I’m going to be hosting the Four Stone Hearth soon (so send me your entries either through the submit link on the FSH page or to cfeagans AT gmail DOT com, FSH in the subject line). I’m either going to use a Doctor Who theme or a Pulp Sci Fi theme for this installment. If you want to vote on the theme, leave a comment here.

In the mean time, Coturnix at A Blog Around the Clock (a *must* read blog if you haven’t checked him out) has asked a couple of us anthropologist bloggers to read and comment on a PLoS One article on the Peopling of the Americas which he’s linked to in this post. I gave it a once over and will be reading it closer in the next day or so. Hopefully I’ll have a useful comment to add. I was aware of the article previously, but hadn’t the chance to really read it.

So what say ye? Doctor Who? or Pulp Sci Fi?

The Four Stone Hearth #35, The Giants Are Real edition

Find it here at Archaeoporn! He was good enough to slip me in at the last minute. Next up is Afarensis on March 12th and I get the honors after that on March 26th.

Current Events in Blogging

First, welcome back to the fray, Chris! Northstate Science has been somewhat silent the past few weeks but Christopher O’Brien is back and he made the move to WordPress! Looks like I’m not alone in that move! I’ve updated his link in my Blogroll and be sure to visit -his blog is one of those “don’t miss” blogs on the topic of archaeology.

Next, the Four Stone Hearth’s 34th edition is up at Our Cultural  World. This is the first time being hosted at this blog and blogger bedeboop has done a fine job presenting it. As is usual of late, I’m behind the curve in getting a post ready. New job position, new hours, etc…. I won’t bore with the details, but I’m getting it sorted.

Open Lab 2007!

Corturnix has announced the winning entries in this year’s Open Laboratory here. I had a couple entries submitted but didn’t make the cut, but if you look at the posts that did, you’ll see why: the winning entries are the top in their fields. I’ve read quite a few of them already, my favs so far are, The First Fossil Hunters: Paleontology in Greek and Roman Times by Afarensis; and An illustrated history of trepanation by Neurophilosophy (which also happen to be two of my favorite blogs).

Corturnix had nearly 500 entries and only a tenth of them made the cut. I looked over many of the entries that hadn’t and I must say I don’t envy the position of those that chose! There were so many good blogs to choose from.

Now, we just need to wait for Bora to turn it all into a book. I wonder what this year’s cover art will look like…?