Harold, This is why I have my Outlook Express set to read mail in plain text only. Jeff -- Intrepid Video TV/VCR Repair www.intrepid-video.com www.tech-repair.net ----- Original Message ----- From: "Harold B" <[EMAIL PROTECTED]> To: "PC Works - LIST" <[EMAIL PROTECTED]> Sent: Sunday, November 07, 2004 5:31 PM Subject: PCWorks: Internet attack
Hello again, I usually ignore these "the sky is falling" emails that often get around the internet. The following came to me and I'd like to know if there is any validity to it. It doesn't matter to me because as a matter of course, I always have the VBScript Script File disabled (I don't even know what it's used for). I quote: "A new and very dangerous Internet attack was reported this week in Brazil. This new danger is a phishing attack. Phishing is computer slang for attacks in which criminals pretend to be a bank or other institution. They try to trick you into giving up your password and user name. Most people have learned not to fall for this. But this new attack could fool the most careful people. Here's how it works: The criminals send you an e-mail (spam). When you open the e-mail, a small program called a script runs. Note that you only need to open the e-mail; there is no attachment. "The scripting program goes to your HOSTS file, located deep in your computer. The actual path in Windows XP is: C:\Windows\System32\Drivers\Etc\HOSTS It enters your bank's Web address--for instance, www.YourBank.com in the HOSTS file. It also enters an Internet Protocol (IP) number for the criminal's address. "The next time you need to surf to your bank, you attempt to go to www.YourBank.com. When you enter that address, or any other address, the browser first goes to the HOSTS file to find the IP number. If it isn't there (it normally would not be), it goes to a special computer on the Internet to find the IP number. "However, the criminals have put your bank's address in the HOSTS file, along with their IP number. So you are automatically sent to that IP number, which is the criminals' computer. It looks like the bank's Web site, so you enter your user name and password. That gives the criminals the information they need to enter your account and steal your money. How can you protect yourself? Some anti-virus programs guard against this kind of thing; others do not. To be safe, you must disable your computer's scripting ability. To do that: ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
