What: November ISSA Lunch and Learn
When: Tuesday, November 4th 2008. 11am – 12:30pm
Where: Whole Hog Café, Bentonville (map)

Presentation: Dave Smith & Von Nguyen of Palo Alto Networks
(http://www.paloaltonetworks.com)

What will they be presenting:
Dave and Von will give a presentation on Next Generation Application Firewalls.
They will cover why conventional firewalls are no longer enough to protect the
enterprise and why smarter application firewalls are now needed. They will
explain how an effective application-aware firewall can curb numerous security threats.

Our November meeting marks the beginning of our annual elections.
We will be electing individuals for the following offices:
• President
• Vice President
• Secretary
• Treasurer

Dave

Yesterday I received an email from a "company" about becoming a customer care representative. So there are a few issues with this:

• I didn't apply anywhere for a customer care representative position.
• The domain watford.gov.uk of the replyTo address in the email header doesn't match the name of the company that supposed sent the email and looks like a government domain in the UK.
• The email address that received this email is one that I use for my website and would never use for personal business.

So all in, if you receive an email like this, DELETE IT .

Here is the image of the email I received. You can click on the thumbnail below to see a larger version of the image:

Read more! »

Yesterday I received an email from a "company" about becoming a mystery shopper. So there are a few issues with this:

• I didn't apply to anything about being a mystery shopper.
• The domain cushingdolan.com of the replyTo address in the email header doesn't match the name of the company that supposed sent the email.
• The email link in the email body points to a gmail account, which has a different name than the person who "signed" the email and the address that sent this email.
• The sending email address doesn't match either the name of the sender or the email address you are supposed to reply to.
• And....Michael is spelled wrong in the gmail address

So all in, if you receive an email like this, DELETE IT .

Here is the image of the email I received. You can click on the thumbnail below to see a larger version of the image:

Read more! »

I received five more copies of the Bank of America Phishing Email. The web page that these emails point to, tried to force me to execute an executable file. Trend Micro says this exe file is CRYP_MEW-11.

So if you receive an email like these, DELETE IT .

Here are the images of the emails I received. You can click on one of the thumbnails below to see a larger version of the image:

Read more! »

This is another version of the Key Bank Phishing Email. The web page that this email points to, tried to force me to execute an executable file. Trend Micro says this exe file is CRYP_MEW-11.

So if you receive an email like this, DELETE IT .

Here are the images of the emails I received. You can click on one of the thumbnails below to see a larger version of the image:

Read more! »

Today I received two emails that are supposed about recruiting for a home based position. The fact that I received the same message from two different sources is a big tip off that it is a scam. With the economy in shambles, more folks might be tempted to reply to this message which would not be a good idea.

So if you receive an email like this, DELETE IT .

Here are the images of the emails I received. You can click on one of the thumbnails below to see a larger version of the image:

Read more! »

This is another version of the Key Bank Phishing Email. The web page that this email points to, tried to force me to execute an executable file. I have not had a chance to look into the executable yet, but any web page that does that concerns me.

So if you receive an email like this, DELETE IT .

Here are the images of the html and text of email I received, the web site, and the download prompt. You can click on one of the thumbnails below to see a larger version of the image:

Read more! »

Initially I thought this was just another Phishing email, but when I checked the link that was in this email, the web page tried to force me to execute an executable file. I have not had a chance to look into the executable yet, but any web page that does that concerns me.

So if you receive an email like this, DELETE IT .

Here are the images of the html and text of email I received, the web site, and the download prompt. You can click on one of the thumbnails below to see a larger version of the image:

Read more! »

Today I received an email that is supposed about recruiting for a home based position. Some things about this message just didn't seem right to me and with the economy in shambles, more folks might be tempted to reply to this message which would not be a good idea..

• The reply to address (where the message was sent from) and the manager's email address were from separate domains - tpgcpas.com and gmail.com respectively.

• The wording of the message while better than most scam emails, still isn't quite right. There are punctuation, tense, and grammar issues in this message.

Here is an image of the email I received. You can click on the thumbnail below to see a larger version of the image:

Read more! »

This email appears to from Flagstar Bank, but after a quick look, it is fairly apparent that it is nothing more than a Phishing email. A couple of points on this message:

• The second sentance doesn't read right, it appears to be missing a word.

• The third sentance is not constructed right and again doesn't read correctly.

Here is an image of the email I received. You can click on the thumbnail below to see a larger version of the image:

Read more! »

I won't go into detail on these phishing / scam emails, since I received three today, they are obviously not real.

Here are the images of the emails I received. You can click on one of the thumbnails below to see a larger version of the image:

Read more! »

Well I guess I should have expected the number of home based work email scams to increase, but for me to get two (2) in one (1) day is crazy and the day isn't over yet.

This email is supposedly about a home based opportunity with Advan Group LTD. When I first saw the email in my "Junk" folder I figured I could ignore it, but with our economy heading south, there may be more folks tempted by this message and replying to it is a very bad idea. This, like most scam emails, suffer from what I would call a lack of understanding of the english language. What I mean by that is that the email doesn't read right.

• The reply to address (where the message was sent from) and the manager's email address were from separate domains - heidenheim.com and gmail.com respectively.

• The wording of the message isn't quite right. There are punctuation, verb tense, and grammar issues in the message.

• The email says you will be working over 4 hours a day Monday through Friday, but only 16 hours a week

Here is an image of the email I received. You can click on the thumbnail below to see a larger version of the image:

Read more! »

Today I received an email that is supposed about recruiting for a home based position. Some things about this message just didn't seem right to me and with the economy in shambles, more folks might be tempted to reply to this message which would not be a good idea.

• The reply to address (where the message was sent from) and the manager's email address were from separate domains - linux.ca and gmail.com respectively.

• The wording of the message while better than most scam emails, still isn't quite right. There are punctuation, tense, and grammar issues in this message.

Here is an image of the email I received. You can click on the thumbnail below to see a larger version of the image:

Read more! »

So I received a new CitiBank scam email today.

Here is an image of the email I received. You can click on the thumbnail below to see a larger version of the image:

How do I know it was a scam email?

Read more! »

The next NWA ISSA Meeting is coming up fast.

Please mark your calendars for October 7th. Our October meeting will include lunch and a discussion/presentation about risk analysis.

WHAT: NWA ISSA Meeting
WHEN: October 7th, 2008 11am
WHERE: Whole Hog Café, Bentonville

SPEAKER:
Quantitative Risk Assessment
Chris Calvert, CISSP, CISM - Laconic Security

AGENDA:
11am – Lunch
11:15am – Call to order for Chapter Business
11:30am – Go over upcoming Chapter elections
11:45am - Speaker

As always, all are invited and do not need to be ISSA members to attend.

We are looking forward to seeing everyone there.

Dave