Avoiding viruses, with Lula's email to you!

There are still people who believe that email is safe. See for yourself how to avoid viruses by learning how hackers use the security hole in emails to disguise themselves as Lula!

The best anti-virus that exists, is ourselves. After all, as in the Linux world, the user allows the software to run, and there are viruses for linux environments as well, however, there are a number of security features that are implemented by default, which do not exist in many Microsoft operating systems, such as the administrator and user account.

On Windows, we either use the Administrator account, or the Guest account, which is totally limited, making it impossible to do anything. In Linux, any user is a user, and there is no way to login as Administrator easily (root), unless it is by command line, when starting the system, or even starting X as an administrator.

However, there are also some precautions that each user must take when dealing with the computer, for example, care when viewing e-mail messages.

E-mail should cease to exist, since currently, many people use this form of communication, mainly companies, and the way of spreading messages such as spam, phishing (messages that disguise themselves as original messages) circulate daily on the internet.

Before each message, before clicking on any corner within it, check some things like:

- Who's sending it.

- Who sent, would send this type of message?

- Who sent you using email?

- Who sent it, uses MSN in lan-house frequently?

- Who sent it, have a habit of forwarding SPAM messages to their contacts?

An e-mail message can be totally manipulated by any person, any program, any software to disguise itself, sending and impersonating you, even without using your e-mail account, not even knowing or password your account, let alone passing near it, by the way, can be sent from anywhere in the world.

As well? Can anyone send a message impersonating me? That's right. Like? Simple.

The flaw is in the SMTP commands and headers in the email message body.

The SMTP server, allows you to receive a message from a valid e-mail address, which can be from the same domain, having a message with a header with e-mail from who sent it totally different from who sent it, and to whomever you want in the world , that is, you "[email protected]" can send a message on the SMTP server "smtp.example.com" containing a message with the header containing that the message was sent from "[email protected]" and directed for you. It is obvious that the message was not sent by the president, but by an SMTP server that authorized “[email protected]” that belongs to the same domain, to send the message.

This can be done simply by logging in to any SMTP server, they often require a password to access them. See an example of code made in Python to send messages with modified header (I am not responsible for the use of this script): (if you have python installed, just save it in an example.py file with this code and execute it by double clicking on the icon , remembering that the connection to SMTP is from the computer itself, use IIS or similar to send this email).

import smtplib
server = smtplib.SMTP('localhost', 25)
msg = '''\
To: "Yes, this is you. Learn More http://www.hotmail.com/g?x=12210002"
From: <[email protected]>
Subject: Contato Presidencia do Brasil
Date: Fri, 20 Jul 2010 20:00:00 -0300
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512


Oi, este sou eu, o Presidente Lula da Silva, e estou encaminhando esta mensagem porque gosto muito de voce.
Ate mais!

Att,
Lula Da Silva Sauro
Presidente do Brasil
Governo Federal
www.presidencia.gov.br

'''
server.sendmail('[email protected]', '[email protected]', msg)
server.close()


And here is the email sent to a hotmail account:

So, next time, be careful, as e-mail messages can be totally manipulated as above, see that I received the message from the squid, while the message did not even go near the Brazilian government servers.

Wait, you're in doubt about that colleague of yours who sent the email and hit all the destinations (To :) in the email? Simple, it accesses MSN in a lan-house, and usually viruses and malicious programs save the user's contact list, and then send emails like the one above, as phishing via the contact list email.

For me, there should be only AIM and Mac, or maybe just Linux, it would be the best! :)