Peter Murray peterwmurray@gmail.com
Thu Mar 31 13:15:54 EDT 2011

A few fundamentals of email/web/system security:

- Be wary of any email containing an unsolicited attachment from
anyone. Be wary of any unsolicited email. Use a mail provider that has
good anti-spam systems (AppRiver's SecureTide is excellent and not
tremendously expensive for organizations, GMail is very good for
- Defend your system appropriately (Firefox with Adblock Plus, Chrome
with AdBlock extension. Stop using Internet Explorer.) NoScript is
better, but can be cumbersome. Install a modern, current antivirus.
Non-Windows systems are not invulnerable, but most attacks are against
the lower-hanging fruit - Win32 systems (XP, Vista, 7, Server 2003).
- Always look at the links you're considering clicking on - verify
that they *really* go to the site that is purported to be the
- Keep your system up-to-date, whether OS patches, Flash/Adobe
Reader/etc updates. Consider a simpler PDF Reader (like SumatraPDF).
- Passwords are only good when you can remember them. I like
fingerprint scanners as well, though there are problems there.

OBRadio - I'm looking forward to trying out the portable/car-mountable
JVC HD KT-HDP1 in my Subaru (which has no aux-in without major
hacking). DC has some interestng HD channels...


On Thu, Mar 31, 2011 at 11:40 AM, Dan.Strassberg <dan.strassberg@att.net> wrote:
> Yes, but usually a phishing exploit requires you to open an attached
> file or follow an included link before the message will do its dirty
> work. The message in question did include a link and the .it in the
> link suggested that the host site was in a foreign country (Italy, in
> this case). Another tip-off can be that the message uses the Cyrillic
> (Russian) character set. Most people would not follow such a link even
> if it were to a site with a US domain name, let alone a foreign one.
> But if it were late at night after a long day and the recipient had
> lapsed into a near-coma or gone into sleepiness-induced autopilot
> mode, I suppose s/he might stumble into following the link or opening
> the attachment.
> BTW, I read recently that attachments with a .PDF fulename extension
> have apparently become the most dangerous for injecting malware into
> recipients' PCs, based on the relative frequency of occurrence of
> files with .PDF extensions among all malicious file attachments. Be
> particularly leery of PDF attachments to messages from people whom you
> do not know and trust.
> -----
> Dan Strassberg (dan.strassberg@att.net)
> eFax 1-707-215-6367
> ----- Original Message ----- From: "Sid Schweiger" <sid@wrko.com>
> To: <boston-radio-interest@lists.BostonRadio.org>
> Sent: Thursday, March 31, 2011 7:15 AM
> Subject: RE: rjoc04679
>> "How so?"
>> It's known as phishing...sending an e-mail containing some sort of
>> deception which gets the recipient to give up their password or some
>> other personal information.  Telling the recipient they've won a
>> prize, have some money waiting somewhere (the erstwhile Nigerian
>> scam) or will have some account shut down for some ominous looking
>> reason are three of the most common.
>> Sid Schweiger
>> IT Manager, Entercom New England
>> 20 Guest St / 3d Floor
>> Brighton MA  02135-2040

More information about the Boston-Radio-Interest mailing list