Monday, August 06, 2007

Warns Public of Fraudulent Phishing Email.

US-CERT is aware of a recent surge in fraudulent phishing e-mail messages. The messages, claiming to be from the United States National Medical Association, contain a subject line that reads "The United States National Medical Association" and a link that, when followed, will direct the user to a malicious website. These messages are not from any United States government agency.

Users are encouraged to take the following measures to protect themselves from phishing attacks:


  • Do not follow unsolicited web links received in email messages.

  • Verify the legitimacy of the email by contacting the company or agency directly through a trusted contact number.

  • Visit the Anti-Phishing Working Group for more information on known phishing attacks.

Mozilla Releases Update to Address URI Sanitization Vulnerability



Mozilla has released an update for the Firefox browser to address two vulnerabilities with URI sanitization.  These vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code on an affected system. 

More information regarding these vulnerabilities and the Firefox update can be found in the following:


US-CERT encourages users to upgrade to Firefox 2.0.0.6 which has been released to address these vulnerabilities.


Microsoft Windows URI Protocol Handling Vulnerability


US-CERT is aware of a vulnerability in the way Microsoft Windows determines how to handle URIs, which may be leveraged by a remote attacker to execute arbitrary commands on an affected system.  Public reports demonstrate that Mozilla Firefox can be used to pass malicious URIs to Windows, but other applications may also act as attack vectors for this vulnerability.

More information regarding this vulnerability can be found in Vulnerability Note VU#403150.

Wednesday, July 18, 2007

4 steps to protect your computer

Step 1. Keep your firewall turned on.

A firewall helps protect your computer from hackers who might try to delete information, crash your computer, or even steal your passwords or credit card numbers. Make sure your firewall is always turned on.

Step 2. Keep your operating system up-to-date.

High priority updates are critical to the security and reliability of your computer. They offer the latest protection against malicious online activities. Microsoft provides new updates, as necessary, on the second Tuesday of the month.

Step 3. Use updated antivirus software.

Viruses and spyware are two kinds of usually malicious software that you need to protect your computer against. You need antivirus technology to help prevent viruses, and you need to keep it regularly updated.

Step 4. Use updated antispyware technology.


Viruses and spyware are two kinds of usually malicious software that you need to protect your computer against. You need antispyware technology to help prevent spyware, and you need to keep it regularly updated.


 

Tuesday, July 03, 2007

Using Caution with Email Attachments

Why can email attachments be dangerous?


Some of the characteristics that make email attachments convenient and popular are also the ones that make them a common tool for attackers:



  • Email is easily circulated - Forwarding email is so simple that viruses can quickly infect many machines. Most viruses don't even require users to forward the email—they scan a user's computer for email addresses and automatically send the infected message to all of the addresses they find. Attackers take advantage of the reality that most users will automatically trust and open any message that comes from someone they know.

  • Email programs try to address all users' needs - Almost any type of file can be attached to an email message, so attackers have more freedom with the types of viruses they can send.

  • Email programs offer many "user-friendly" features - Some email programs have the option to automatically download email attachments, which immediately exposes your computer to any viruses within the attachments.

What steps can you take to protect yourself and others in your address book?

Be wary of unsolicited attachments, even from people you know - Just because an email message looks like it came from your mom, grandma, or boss doesn't mean that it did. Many viruses can "spoof" the return address, making it look like the message came from someone else. If you can, check with the person who supposedly sent the message to make sure it's legitimate before opening any attachments. This includes email messages that appear to be from your ISP or software vendor and claim to include patches or anti-virus software. ISPs and software vendors do not send patches or software in email.

Save and scan any attachments before opening them. If you have to open an attachment before you can verify the source, take the following steps:



  • Be sure the signatures in your anti-virus software are up to date (see Understanding Anti-Virus Software for more information). 

  • Save the file to your computer or a disk.

  • Manually scan the file using your anti-virus software.

  • Open the file.

Turn off the option to automatically download attachments - To simplify the process of reading email, many email programs offer the feature to automatically download attachments. Check your settings to see if your software offers the option, and make sure to disable it.

Consider additional security practices - You may be able to filter certain types of attachments through your email software (see Reducing Spam) or a firewall (see Understanding Firewalls).
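The filtering and spoofed-sender points above can be sketched in a short script. This is an added example, not part of the original advisory: it parses a saved message without opening any attachment, flags attachment types on a blocklist, and notes when the displayed From domain differs from the Return-Path domain. The extension list, the function names and the sample message are assumptions made for illustration.

```python
from email import message_from_string, policy
from email.utils import parseaddr
import os

# Assumed blocklist of attachment types to quarantine (not taken from the advisory).
BLOCKED_EXTENSIONS = {".exe", ".scr", ".pif", ".bat", ".cmd", ".com", ".vbs", ".js"}

# Constructed sample: familiar display name, different envelope sender,
# and an executable hidden behind a double extension.
SAMPLE = """\
From: "Mom" <mom@example.org>
Return-Path: <bulk@mailer.example.net>
Subject: Vacation photos
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Type: text/plain

See attached.
--BOUND
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="photos.jpg.exe"
Content-Transfer-Encoding: base64

Y29uc3RydWN0ZWQ=
--BOUND
Content-Type: application/pdf
Content-Disposition: attachment; filename="itinerary.pdf"
Content-Transfer-Encoding: base64

Y29uc3RydWN0ZWQ=
--BOUND--
"""

def _domain(header_value):
    # Lower-cased domain of the address in a header, or "" if the header is absent.
    return parseaddr(str(header_value or ""))[1].rpartition("@")[2].lower()

def review_message(raw):
    """Return (kind, detail) findings for one raw message; payloads are never decoded."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    shown, envelope = _domain(msg["From"]), _domain(msg["Return-Path"])
    # A mismatch is a hint, not proof: legitimate bulk senders also differ here.
    if shown and envelope and shown != envelope:
        findings.append(("sender-mismatch", f"{shown} != {envelope}"))
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        # Only the final extension counts, so "photos.jpg.exe" is treated as .exe.
        if os.path.splitext(name)[1].lower() in BLOCKED_EXTENSIONS:
            findings.append(("blocked-attachment", name))
    return findings
```

Calling review_message(SAMPLE) reports the sender mismatch and the photos.jpg.exe attachment, while itinerary.pdf passes the type filter and would still need an anti-virus scan before opening.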
