I saw this IM virus for the first time today:
WARNING – Don’t go to the URLs listed in this post, due to possible malware and NSFW content.
That’s from one of my sisters (so I see some phone support in my future.) She’s not signed in, so that’s a dead-giveaway right there.
At any rate, the domain information for “undelivered-emails.com” is cloaked:
Pinging either domain name resolves to IP address is 18.104.22.168, which is in Hong Kong:
As a test, I used a canary virtual machine to see if AVG Free 8.5 would block either of these sites – it didn’t.
Protection is necessary, but you can’t patch for everything. It comes down to end-user education. If you’re responsible for the computers in your company (or in your home if you’re a parent) you need to let folks know about IM vectors of infection and other threats. Spend the time educating, or spend a lot more time afterwards cleaning up.
One thing I do to encourage end users to “Call Before Clicking” centers around recognizing them when they make smart web surfing decisions. Example – picking up the phone immediately when getting a “your computer is infected with xyz” pop-ups instead of trying to close the windows.
To assist with this, I have a Microsoft Word document that I can edit called the “Safe Computing Award”. I customize it with the name of the client / employee and send it to them via email when they do something that avoids getting their computer infected. Sample below:
It just takes a minute or two to update the Word doc, PDF it and email it to the customer, and they have always been well received.
A little positive reinforcement goes a long way. 🙂