[AusNOG] Strange call from supposed Antivirus vendor.

Luke Fuller lfuller at cozmedics.com.au
Mon Jun 28 09:47:31 EST 2010 

Hi All,

A quick question some of you may have come across before or have advice on.

One of our users over the weekend had an strange phone call from a company supposedly 'Norton' stating that there computer is infected and they need to follow the following steps which they gave the user several CMD and registry commands. This was reported yesterday to us.

Has anybody else come across such a thing before ? The user is connected to our corporate WAN and a possibility that if it was infected it has spread as we are seeing issues pop up on some production servers.

Any advice on a standard response - we have already started to in depth  scan each server however also should we strengthen the IPS scanning for Malware, etc at network edge points ?

Very odd unless companies do contact end users however we use ESET through the corporate network . Any body else with similar experience with a strange call ?

Luke.


 
Luke Fuller 

 
 
 
COZmedics Medispas
Maroochydore - Level 1, 49 The Esplanade
Noosa - Suite 1.17, Noosa Medical & Professional Centre  90 Goodchap Street
Ascot - Level 1, 121 Racecourse Road
Kenmore - Suite 9, 2081 Moggill Road
, , 
 
Ph: 07 5409 4400
Fax: 07 5409 4444
Bookings: 1300 792 299
Web: http://www.cozmedics.com.au/
 
http://www.cozmedics.com.au/
 
--------------------------------------------------------------------------
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee, you should not disseminate, distribute or copy this email. Please notify the sender immediately by email if you have received this email by mistake and delete this email from your system. If you are not the intended recipient, you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The organization accepts no liability for any damage caused by any virus transmitted by this email. Email transmission cannot be guaranteed to be secure or error-free, as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender, therefore, does not accept liability for any errors or omissions in the contents of this message which arise as a result of email transmission.
__________

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100628/27668d73/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 3844 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100628/27668d73/attachment.jpe>

More information about the AusNOG mailing list