Is this from b5 Support? I DON'T THINK SO!!!!

Brian · August 1st, 2007, 04:44 PM

We all know that we need to look out for emails from people we don't know. Especially ones that have attachments.

But what do you do when b5 Support sends you a zip file out of the blue, telling you to look at the attached word doc that explains how to get your email working again? Delete it of course!

Have you gotten this email:

Dear B5media Member,

Your e-mail account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into any future problems with the online service.

If you choose to ignore our request, you leave us no choice but to cancel your membership.

Virtually yours,
The B5media Support Team

+++ Attachment: No Virus found
+++ B5media Antivirus - www.b5media.com

Or maybe one that looked like this:

Dear user brian,

You have successfully updated the password of your B5media account.

If you did not authorize this change or if you need assistance with your account, please contact B5media customer service at: info@b5media.com

Thank you for using B5media!
The B5media Support Team

+++ Attachment: No Virus (Clean)
+++ B5media Antivirus - www.b5media.com

Or even this "Dear User" email:

Subject: **WARNING** Your Internet account has been suspended.

Dear user
Your IP was logged by different sites which are porn related. Attached is a list of sites you visited
and information about your Internet account. We warn you not to visit these sites again.

b5media.com User's Online Experiance Control Team.

I've gotten dozens of them. Now, being on the tech team, I have an advantage in that I KNOW we didn't send it.

Here are a few things you can look for:

First, we won't be sending you .zip or .exe files out of the blue. If we ever do send a file to you, it would be from one of us individually and it would be part of an email thread/discussion we are having. So, you will know it is coming.

Second, we won't use B5media with a capital B multiple places in the email. We are b5media not B5media. And we will almost always have an individual tech team member's name at the bottom. Also any "b5media"s will always be lower case (or the offender will get 40 lashes with a wet noodle and will be subject to much teasing by the rest of the b5media tech team. I know from experience and no, I don't want to talk about it).

Third, Declarations at the end of the email saying that it is virus free almost always indicate it is virus laden. Especially when they software they use is "+++ B5media Antivirus". See that capital B again? And I didn't even know that we wrote antivirus packages. I thought we were into blogging!

Fourth, the attachements will not be faked to look like the are DOC files when they really are EXEs.

Look at contents of the .zip attachment from that email:

It looks like a .doc file right? At least at first glance?

Because the file type is right beside it in my setup, you can see that they are doing something tricky... The file type isn't document; it's application.

See those three dots after the file name?

Look what happens when we expand that column:

They put lots of spaces at the end of the file name to make the real extension be hidden. The file name is something like "account-report.doc .exe". That way the .exe is hidden to the casual observer. Pretty tricky huh!

Well, I just wanted to make sure you all were aware of this email. I've been getting them since April, so chances are you'll get one sometime too.

BTW, If I ever sign an email "Virtualy yours" please feel free to slap me around a bit!

THANKS! Can you even hear us saying "Dear User"???

DexieW · August 1st, 2007, 08:14 PM

Thanks Brian, much appreciated

shai · August 1st, 2007, 11:49 PM

Quote:

Originally Posted by Brian

BTW, If I ever sign an email "Virtualy yours" please feel free to slap me around a bit!

THANKS!

LOL. Now we know what to watch out for. Hehe.

By the way, maybe it's worth sending the main b5 internal mailing list a link to this forum post. I know not everyone checks the forums.

bnpositive · March 17th, 2008, 05:58 PM

Another little step I do is to hover over any links I receive in an e-mail message and look where they're going to send me in the status bar of my browser or the pop-up bubble in my e-mail client.

Many times what the text says for the link in a URL and the actual value of the link are completely different.

In general I don't click on links in messages at all. I'll type in the URL of the company directly if it's actually a company I do business with and think it may be a legitimate e-mail.

Brian · March 17th, 2008, 06:07 PM

Good advice Jason!

August 1st, 2007, 04:44 PM	#1
Brian Administrator Join Date: May 2007 Location: Akron, Ohio Posts: 151	Is this from b5 Support? I DON'T THINK SO!!!! We all know that we need to look out for emails from people we don't know. Especially ones that have attachments. But what do you do when b5 Support sends you a zip file out of the blue, telling you to look at the attached word doc that explains how to get your email working again? Delete it of course! Have you gotten this email: Dear B5media Member, Your e-mail account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into any future problems with the online service. If you choose to ignore our request, you leave us no choice but to cancel your membership. Virtually yours, The B5media Support Team +++ Attachment: No Virus found +++ B5media Antivirus - www.b5media.com Or maybe one that looked like this: Dear user brian, You have successfully updated the password of your B5media account. If you did not authorize this change or if you need assistance with your account, please contact B5media customer service at: info@b5media.com Thank you for using B5media! The B5media Support Team +++ Attachment: No Virus (Clean) +++ B5media Antivirus - www.b5media.com Or even this "Dear User" email: Subject: WARNING Your Internet account has been suspended. Dear user Your IP was logged by different sites which are porn related. Attached is a list of sites you visited and information about your Internet account. We warn you not to visit these sites again. b5media.com User's Online Experiance Control Team. I've gotten dozens of them. Now, being on the tech team, I have an advantage in that I KNOW we didn't send it. Here are a few things you can look for: First, *we won't be sending you .zip or .exe files out of the blue.* If we ever do send a file to you, it would be from one of us individually and it would be part of an email thread/discussion we are having. So, you will know it is coming. Second, *we won't use B5media with a capital B* multiple places in the email. We are b5media not B5media. And we will almost always have an individual tech team member's name at the bottom. Also any "b5media"s will always be lower case (or the offender will get 40 lashes with a wet noodle and will be subject to much teasing by the rest of the b5media tech team. I know from experience and no, I don't want to talk about it). Third, Declarations at the end of *the email saying that it is virus free almost always indicate it is virus laden. Especially when they software they use is "+++ B5media Antivirus". See that capital B again? And I didn't even know that we wrote antivirus packages. I thought we were into blogging! Fourth, the attachements will not be faked to look like the are DOC files when they really are EXEs. Look at contents of the .zip attachment from that email: It looks like a .doc file right? At least at first glance? Because the file type is right beside it in my setup, you can see that they are doing something tricky... The file type isn't document; it's application. See those three dots after the file name? Look what happens when we expand that column: They put lots of spaces at the end of the file name to make the real extension be hidden. The file name is something like "account-report.doc .exe". That way the .exe is hidden to the casual observer. Pretty tricky huh! Well, I just wanted to make sure you all were aware of this email. I've been getting them since April, so chances are you'll get one sometime too. BTW, If I ever sign an email "Virtualy yours" please feel free to slap me around a bit! THANKS! Can you even hear us saying "Dear User"??? __________________ Brian Layman b5media Inc. www.b5Media.com / www.TheCodeCave.com Skype: BrianLayman Last edited by Brian; February 9th, 2009 at 09:01 AM.*

August 1st, 2007, 08:14 PM	#2
DexieW Fashionista Who Cooks Join Date: Apr 2007 Posts: 182	Re: Is this from b5 Support? I DON'T THINK SO!!!! Thanks Brian, much appreciated __________________ b5media blogs : She Knows Best Style It Less Style Tots Beauty Gizmo Soaps On ABC Pop Music Scene Elsewhere : DexieJaneWharton FEISTYMOMMA FEISTYCOOK ScrapLoving

March 17th, 2008, 05:58 PM	#4
bnpositive Worst Case Scenario Join Date: Feb 2006 Location: In a state of confusion Posts: 391	Re: Is this from b5 Support? I DON'T THINK SO!!!! Another little step I do is to hover over any links I receive in an e-mail message and look where they're going to send me in the status bar of my browser or the pop-up bubble in my e-mail client. Many times what the text says for the link in a URL and the actual value of the link are completely different. In general I don't click on links in messages at all. I'll type in the URL of the company directly if it's actually a company I do business with and think it may be a legitimate e-mail. __________________ Jason Bean My Personal Blog: =)Bnpositive's Blog My b5 Birthday: 12/21/2005

March 17th, 2008, 06:07 PM	#5
Brian Administrator Join Date: May 2007 Location: Akron, Ohio Posts: 151	Re: Is this from b5 Support? I DON'T THINK SO!!!! Good advice Jason! __________________ Brian Layman b5media Inc. www.b5Media.com / www.TheCodeCave.com Skype: BrianLayman

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)