Now, this just isn’t nice. Still, you have to give the spammers points for cleverness.
MessageGate has determined that spam featuring the domain xcelent.biz has gone beyond the usual rudeness of using a click on an unsubscribe link to confirm a warm body on the other side of the email inbox.
This badboy actually downloads an EXE file which takes advantage of a known bug in IE – namely that it treats any link containing the “IMG” tag as a valid image file, and, as the US-CERT tells us, “a drag and drop operation on an IMG element with an executable source file will copy the executable file without presenting a download dialog.”
Ouch.
Now, does this mean that you should never click on an unsubscribe link? No, of course not. As Aunty has always said, you should unsubscribe from unwanted email if that email comes from a source which is otherwise known to you, or which you know to be a real, credible organization. But address harvesters and scrapers? Don’t give them the time of day. Hit ‘delete’ with extreme prejudice.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
And for the sake of all that is sacred, don’t run software with known security weaknesses, especially when there are so many other options available to you.
Read more about this here.
Read about the IE flaw at the United States Computer Emergency Readiness Team website here.
Kissy kissy,
Aunty
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
Dear Aunty,
In a perfect world their would be no criminals and we would need no Cops. In a perfect world we would not have mean spirited people who’s joy comes from the misery of others. In the meantime I choose to use “MailWasher Pro” to filter my mail. It takes a little longer to get to my mail but when I get there it is MY MAIL!!!
I learned several years ago-never click on an unsubscribe link. Why do you think spammers include this link?
Dear EPGeek,
Obviously language and reading comprehension were not your best subjects. Please show Aunty where she has ever said to “always use the unsubscribe”.
Kissy kissy,
Aunty
Aunty Dear, I seem to remember a previous column that said to always use the unsubscribe, and I also recall that I said you were cukoo then. Maybe you ought to get with the modern era. Spammers are bad (period) and should be driven (screaming) from the Internet.
SPAM = Some People Are Menaces (Mugs, Morons, M….s, Maniacal, Microcourteous, Macroegotistical, [have funn adding your own M-word]
Aunty? This is a no-brainer, but then of course, this whole thing from Lockergnome, Windows Fanatics, seems to be aimed at people who should never upgrade to 98SE, much less XP. Anyone who opens anything from an email from anyone, or any company, they have never heard of, or if the URL, easily seen by holding the pointer over the name of the email, is unheard of, deserves what they get. Just don’t email me. I’ll send it back, report it as junk and the sender as a spammer.