*OT* had to do an on-line security quiz for work

Duh_OZ

64 (verbal) slides, blew off 61 of them (fast forward baby). 10
question quiz at the end - got 2 wrong, both dealing with e-mail
attachments. One was if you receive an attachment called
"installme.exe" you should.......

My answer was download the file and submit to virustotal.com, but alas
that wasn't an option LOL. The correct one was 'call the person who
sent you the e-mail'. WTF? Suppose the person sent some piggybacked
trojan horse? Just say okay, they did send it, it must be safe.
*Right*. The other was a blank e-mail with just an attachment. Same
thing, call the person who sent it. Perhaps I should do that (call
whenever they send me a file attachment) just to bug some coworkers.
After all it was part of the security quiz.
 
Duh_OZ

From: "Duh_OZ"

| 64 (verbal) slides, blew off 61 of them (fast forward baby).   10
| question quiz at the end - got 2 wrong, both dealing with e-mail
| attachments.   One was if you receive an attachment called
| "installme.exe" you should.......

| My answer was download the file and submit to virustotal.com, but alas
| that wasn't an option LOL.  The correct one was 'call the person who
| sent you the e-mail'.  WTF?   Suppose the person sent some piggybacked
| trojan horse?   Just say okay, they did send it, it must be safe.
| *Right*.   The other was a blank e-mail with just an attachment.  Same
| thing, call the person who sent it.    Perhaps I should do that (call
| whenever they send me a file attachment) just to bug some coworkers.
| After all it was part of the security quiz.

Q: "if you receive an attachment called "installme.exe" you should......." ?

The correct answer is to delete the email message.  The quiz is wrong.

============
You know that and I know that, but .... :0)

BTW, the work e-mail client does block .exe attachments so I guess the
question relates if you are using a personal e-mail. I've actually
had to send attachments to personal e-mail (other companies) because
the filter on one end would not let them through no matter how I tried
to disguise it (including encrypting a password). One of my sister's
workplaces has to have the name of the company in the e-mail body or
the attachment is blocked.
 
FromTheRafters

Duh_OZ said:
| 64 (verbal) slides, blew off 61 of them (fast forward baby). 10
| question quiz at the end - got 2 wrong, both dealing with e-mail
| attachments. One was if you receive an attachment called
| "installme.exe" you should.......
|
| My answer was download the file and submit to virustotal.com, but alas
| that wasn't an option LOL. The correct one was 'call the person who
| sent you the e-mail'. WTF?

WTF indeed! I would say delete the entire e-mail, unread. Is this
related to a business that must accept unknown executable files from
e-mails? If so, their reasoning may be different than normal. IMO
executables shouldn't have made it to the workstation desktop through
e-mail in the first place.

| Suppose the person sent some piggybacked trojan horse?

....or the malware only activates its payload after certain criteria
are met? Just because they got to see the dancing pigs without
contracting malware doesn't mean you will be as lucky.

| Just say okay, they did send it, it must be safe.

Trust, but verify. Sure, I trust you like a brother, but sign here
anyway (and here...and here...).

Accept the executable as trustworthy on the word of the person offering
it, *then* submit it to scanning after a 'cooling off period'
preferably. After all, it comes from "outside" and you don't know where
it's been.

:o)

(I know that you know all this)

| The other was a blank e-mail with just an attachment. Same
| thing, call the person who sent it.

Yeah, and give 'em hell for being so pathetic. :oD

| Perhaps I should do that (call
| whenever they send me a file attachment) just to bug some coworkers.
| After all it was part of the security quiz.

I'll bet if you ask them about PDF files they'll say that they are safe
to open.
 
Leythos

| 64 (verbal) slides, blew off 61 of them (fast forward baby). 10
| question quiz at the end - got 2 wrong, both dealing with e-mail
| attachments. One was if you receive an attachment called
| "installme.exe" you should.......
|
| My answer was download the file and submit to virustotal.com, but alas
| that wasn't an option LOL. The correct one was 'call the person who
| sent you the e-mail'. WTF? Suppose the person sent some piggybacked
| trojan horse? Just say okay, they did send it, it must be safe.
| *Right*. The other was a blank e-mail with just an attachment. Same
| thing, call the person who sent it. Perhaps I should do that (call
| whenever they send me a file attachment) just to bug some coworkers.
| After all it was part of the security quiz.

Calling the person does two things:

1) Verifies that the file was actually sent properly and you can
determine WHY.

2) If the file was sent improperly, lets the user know that their
account has been compromised and to take action.

The sad thing is that a properly configured firewall would not allow
.exe files to reach users.
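
Added example, not part of any poster's message: a sketch of the gateway-side check the thread keeps returning to, holding executable attachments before they reach a user and flagging the "blank e-mail with just an attachment" case from the quiz. The extension list, addresses and sample messages are constructed for illustration; the check looks at content (the `MZ` header) as well as the filename, so a renamed executable is still held.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed block list for illustration; a real gateway's list is site policy.
BLOCKED_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js")

def triage(raw):
    """Return (held_attachments, blank_body) for one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    held = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        data = part.get_payload(decode=True) or b""
        if data[:2] == b"MZ":
            # DOS/PE header: an executable whatever the filename claims
            held.append((name, "executable content"))
        elif name.endswith(BLOCKED_EXT):
            held.append((name, "blocked extension"))
    body = msg.get_body(preferencelist=("plain", "html"))
    blank = body is None or not body.get_content().strip()
    return held, blank

def build(body, filename, payload):
    """Construct a sample message (constructed test input, not real mail)."""
    m = EmailMessage()
    m["From"] = "coworker@example.com"
    m["To"] = "me@example.com"
    m["Subject"] = "see attached"
    m.set_content(body)
    m.add_attachment(payload, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

FAKE_EXE = b"MZ" + bytes(62)  # constructed stub: magic bytes plus padding only

SAMPLES = {
    "quiz question 1": build("Please run this.", "installme.exe", FAKE_EXE),
    "blank with attachment": build("", "installme.exe", FAKE_EXE),
    "renamed executable": build("Q3 numbers", "report.pdf", FAKE_EXE),
    "harmless text": build("Notes attached", "notes.txt", b"meeting at 10\n"),
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, triage(raw))
```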
 
