We wanted to make you aware of some more email scams we’re seeing, and pass along the information so you can keep yourself protected.
One is involving “.TIFF or .TIF” files. This is a picture format that is often used by graphic artists and the publishing industry. There is a specific vulnerability that is circulating by using these files, that when an infected file is opened it allows the attacker to gain remote access to the computer. At the time of this email, Microsoft does not have a patch for this. It affects specific versions of Windows and Office, but our recommendations are to avoid opening these files in general, as with any file, unless you are expecting it from the sender.
For more detailed information from Microsoft you can read their release here: http://technet.microsoft.com/en-us/security/advisory/2896666 (This is a safe link we are providing)
The other email scam we are seeing is a general phishing scam, but the sender has been spoofed to look like the email has been sent from within the company or by a company you know. This can be particularly deceptive as employee may think you’ve sent out an update and click on these links which are likely infected with a virus or malware.
Here’s a screen shot of an email that GeeksAKnockin’ received just to show you how real it can look. We actually did not send this email internally but it looks as if we did. Again, if at any time you are unsure or have any question about an email with an attachment be sure to ask the sending party if they really did send it.