[GTALUG] Heads Up
ac
ac at main.me
Thu Jul 14 00:13:43 EDT 2016
On Wed, 13 Jul 2016 15:31:59 -0400
Kevin Cozens via talk <talk at gtalug.org> wrote:
> On 16-07-13 01:43 AM, ac via talk wrote:
> > Just started seeing many email attachments with .html active
> > javascript ransomware in base64 fully loaded anyway this is going
> > to be the new normal, disabling javascript on email clients as
> > filtering these will be challenging)
> > so, if you are not using mutt or custom email (like moi) I would
> > strongly suggest not opening any .html attachments without disabling
> > Javascript
> I set my email program to treat all my mail/mailinglist messages as
> text only. I don't need to act like a web browser and show me nicely
> formatted pages as I have a separate program for that.
> Viewing messages as simple text means you don't should not have to
> worry about any attempt to include something other than simple text.
>
I also configured my wife's thunderbird to plain text, the problem
is that the majority of email clients open and parse untrusted
javascript as users like the 'pretty' emails...
Anti virus programs, dnsbl's etc are all reactive and with tls it is
becoming more and more challenging to defeat target phish and t social
for average users, it seems that each company/group will need abuse
administrators in house :)
Andre
More information about the talk
mailing list