Solved

Any help blocking phishing emails with .zip attachments

Posted on 2013-11-17
4
909 Views
Last Modified: 2013-12-11
My business is being besought with phony emails trying to get the receiver to open a zip file attachment.

Some of these are darn clever and I have tried and tried to educate my people. Nevertheless, some eventually get through.

I am on a shared hosting hosting plan that uses C-Panel. The only mail filtering is Spam Assassion and Email Authentication.

I have spoken to my service provider to see if there was a way to flag zip file attachments, but he says no.

I  would like to inform our vendors that we don't accept zip files, or that zip files must be directed to a specific address, and filter out all of the others.

It there a method for this or are there other filtering methods that I don't know about? Surely this is a big enough problem world wide that there are some solutions, or at least partial solutions.
0
Comment
Question by:David Brugge
4 Comments
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39655562
The fact that you're using a shared host limits your options.
Chances are that your host uses Exim and don't want to bother to set up rules for your domain.

What you can do is pay for something like SpamExperts ( http://www.spamexperts.com/en ) and ask your host to configure it for you. With it you can set up your blocked extensions using the UI.

PS: I used to get a LOT of spoofed mail using only SpamAssassin. Very little now with Spam Experts.

HTH,
Dan
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39656051
Hi.

> I  would like to inform our vendors that we don't accept zip files, or that zip files must be directed to a specific address, and filter out all of the others.
If you think about this measure, why not tell your vendors to send only attachments zipped as 7zip (.7z) from now on? 7zip is free. You could block the attachment type .zip afterwards, either at your endpoints or at the mail server (if technicalkly possible*). Spammers almost never use .7z because windows would need 7zip installed, while .zip needs no additional program.

* at the endpoint: with outlook for example, we can block certain file types.
0
 
LVL 26

Author Comment

by:David Brugge
ID: 39657584
Sounds like part of a solution. We don't use Outlook because of the problems they had years ago when we were setting up the system. As a result most of the stations use Eudora and a few use Thunderbird.

I haven't found a way to filter file types in Eudora, haven't checked Thunderbird, but only two stations use it and it's not likely I can convince anyone to change.

As far as filtering at the mail server, this seems logical to me, but it is above my pay grade.
0
 
LVL 15

Accepted Solution

by:
Giovanni Heward earned 500 total points
ID: 39657814
I highly recommend you look into FireEye, Invincea, EMET, and OpenDNS.

Redirecting your mail simply requires modifying your MX record to point to a provider which gives your more control (migration issues aside.)  Google Apps is one such provider (see Attachment Filters, etc.)

Not only that, you'll get access to multiple redundant mail servers and full-time anti-malware teams.  If your current provider won't allow this control, vote with your wallet.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Utilizing an array to gracefully append to a list of EmailAddresses
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
Familiarize people with the process of utilizing SQL Server views from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Access…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question