The Norton Safeweb service is presently identifying our site as having a “Malformed container violation“. Clicking on their link to read about this threat does not contain any useful information.  I am presently exchanging some emails with the staff  at Symantec to determine what the problem is.  It seems to have a problem with our RSS feed, at: http://www.secure-by-design.com/feed/

I uploaded the feed file to VirusTotal, an online service that will scan a file using multiple antivirus products.  It did not detect any problems. Neither did AVG’s Linkscanner.  Here are the VirusTotal Reports:

• Report from 5 link analysis tools
• Report from the file scanne

One possibility is that our feeds include some examples of phishing and virus infected emails, which might be the trigger. Or there is an invalid html tag or code in the feed itself.

Unless Norton can produce some concrete evidence of an infection that I can verify with another tool, I am treating this a false alarm.

.

Another scam email is making the rounds today.  Delete the message ‘Final Warning!!! We Will Delete Your E-mail Account.. So Update.’ on sight.  A common feature of these scams is the email appears to be from @netidea.com, but the Reply To address is not.

Here’s an example:

Date: Wed, 15 Sep 2010 07:57:01 +0300 (EEST)
Subject: Final Warning!!! We Will Delete Your E-mail Account.. So Update.
From: "Net Idea." <info@netidea.com>
Reply-To: chenguandesk@aol.com

Dear Email Account User,

We are advising you to change the password on your email account in order
to prevent any unauthorised account access following the network
instruction we previously communicated, all Mailhub systems will undergo
regularly scheduled maintenance. Access to your e-mail via the Webmail
client will be unavailable for some time during this maintenance period.



We are currently upgrading our data base and e-mail account center i.e
homepage view. We shall be deleting old email accounts which are no longer
active to create more space for new accounts users.we have also
investigated a system wide security audit to improve and enhance our
current security.



In order to continue using our services you are require to update and
re-comfirmed your email account details as requested below.


To complete your account re-comfirmation,you must reply to this email
immediately and enter your account details as requested below.


Username : (**************)
E-mail Login ID(**********)
Password : (**************)
Date of Birth :(**************)
Future Password :(**************)(Option)



Failure to do this will immediately render your account deactivated from
our database and service will not be interrupted as important messages may
as well be lost due to your declining to re-comfirmed your account details
to us.



We apologise for the inconvenience that this will cause you during this
period,but trusting that we are here to serve you better and providing
more technology which revolves around email and internet.


It is also pertinent,you understand that our primary concern is for our
customers, and for the security of their files and data.



COMFIRMATION CODE: -/93-1A388-480 Technical Support Team.

.

We will be closed Monday, September 6th 2010.

.

BC Day August 2nd, 2010

BC Day Long Weekend Office Hours are as follows:

Saturday, July 31 st, 2009:  Closed

Sunday, August 1st, 2009: Closed

Monday, August 2nd, 2009: Closed

Have a safe and fun BC Day!

Kirk and Curtis

.

We will be closed Thursday, July 1st.

.

The following message is a fraud, they’re just looking for your password, but you knew that right?

From: NETIDEA WEBMAIL ACCOUNT <nana@cebridge.net>
Subject: ACCOUNT UPGRADE / MAINTENANCE. REPLY BACK.
Reply-To: nana@cebridge.net
Date: Fri, 18 Jun 2010 08:31:18 -0400

We are currently performing maintenance for all our NETIDEA CUSTOMERS
WEBMAIL ACCOUNT. We intend up grading our WEBMAIL Security Server for
better online services. In order to ensure you do not experience service
interruption, Please you must reply to this email immediately and enter
your password here () and username (). Check out your new features and
enhancements with your new and improved webmail account, To enable us
upgrade your mail Account for better online services please reply to
this mail. Thank You for Using our WEBMAIL ACCOUNT.

.

Our dial-up numbers will be changing soon.

At this time both the old and new number will work, so you can start using the new numbers right away.  Once the changeover is complete, the old numbers will be phased out.  The Castlegar number has already been turned off, so we urge customers to switch over to the new numbers right away!

For most Windows systems, you can change the number by clicking the Properties button on the Connect To screen.  For Macintosh users, instructions are posted on our web site here:

http://www.secure-by-design.com/support/mac-os-x-dial-up-settings/

The new numbers for the local area are:

• Castlegar: 250-304-2039
• Trail: 250-368-8273
• Nelson: 250-352-1361

We also have dial up access in communities across Canada. For the complete list, see:
http://www.secure-by-design.com/support/dial-up-numbers/

Thinking about getting high speed?

Our service area has recently expanded to include parts of 6-Mile and Warfield, and is available in most cities in BC and Alberta. Long time dial-up customers may be eligible to receive a discount on a high speed modem.

You can check if service is available to you on our web site:
https://service.secure-by-design.com/cgi-bin/adsl-check.cgi

If you require assistance with this change, or would like to inquire about high speed upgrade options please call our office:

1-877-373-6121

.

We will be closed
Monday May 24th
for Victoria Day.

Have a great long weekend! 🙂

.

Delete the following messages on sight, as they are bogus emails.  They are fairly suspicious looking.

The first one contains a link to a suspicious settings.exe file. The link below has been modified to prevent problems, you do not want to download that file.

From: "netidea.com support" <abolishingsn@rivieramail.com>
To: <nobody@netidea.com>
Subject: netidea.com account notification
Date: Mon, 26 Apr 2010 20:25:03 +0800

Dear Customer,

This e-mail was send by netidea.com to notify you that we have temporanly prevented
access to your account.

We have reasons to beleive that your account may have been accessed by someone else.
Please run this file and Follow instructions:

http://mailservicessss DOT bravehost DOT com/settings DOT exe

(C) netidea.com

The second includes an attached PDF file (doc.pdf) that is infected with a virus:

From: "customersupport@netidea.com" <customersupport@netidea.com>
To: <user@netidea.com>
Subject: setting for your mailbox are changed

SMTP and POP3 servers for user@netidea.com mailbox are changed. Please carefully read
the attached instructions before updating settings.

<doc.pdf>

.

Our office will be Closed February 25th to 28th for Curtis’ wedding!

Congratulations to Mr and Mrs Nickason!

.