Thursday, September 25, 2003

Caution When Reading E-mail

One of the methods that SoBig employed to spread was social engineering. In other words, it got the user to "open" an e-mail attachment rather than exploiting a vulnerability and running itself. (Unlike the Swen worm which runs if you open or preview the message with Outlook.)

CERT.org has a decent article explaining the hazards of (and precautions for) reading e-mail with attachments.