Wednesday, August 23, 2017

Email and Browser Health. Windows security: Cryptocurrency miner malware is enslaving PCs with EternalBlue.

http://searchsecurity.techtarget.com/definition/email-spoofing


Lately I have been fielding a lot of questions about the legitimacy of emails.  Some of the emails were from users who wondered if their PC was infected by a virus or malware.  These turned out to be nothing more than their email being used to spoof a mass spam mailing.  It used to be that spoofing was used because a spammer was sending millions of emails and was not concerned if their list had bad or extinct email addresses.  They simply did not want to be bothered by the returned emails.  They only hoped for at least 1% positive bites out of the millions sent.

However, with the rise in malware, the trick is to appear to be from a legitimate source so that the recipients will click on the links contained within and download the malicious payload.

There has also been a wave of emails purporting to be from Microsoft Office 365 claiming that a deactivation request has been received or that your mailbox has reached the limit and action is required now to resolve this.  Microsoft does not send emails to individual subscriber mailboxes.  There are admin and alternate emails that Microsoft uses to control subscriptions.  Don't confirm your email to these hackers by attempting to use the links provided.  You will only provide them with your login credentials and possibly download some bad stuff on your PC.

Windows security:  Cryptocurrency miner malware is enslaving PCs with EternalBlue.

Stealthy and persistent cryptocurrency-mining malware is hitting Windows machines.

Now there is "fileless" malware that runs in memory, hijacking PCs to work at mining cryptocurrency.

Researchers at Trend Micro describe the malware known as CoinMiner as "extremely stealthy and persistent".

To infect Windows machines, it's using the so-called EternalBlue vulnerability employed by WannaCry and NotPetya as a spreading mechanism. Microsoft released a patch for the flaw in March, but a spate of infections in Asia, mostly in Japan, suggests some systems have not been updated.

Please be sure to patch your machine and be vigilant about emails you open & links you click on.

Add-ins and Extensions.  Browser health.

It used to be that Chrome and Firefox provided safe alternatives to the constant attacks and ravages on Microsoft's Internet Explorer browser.  That is no longer the case.  Google's Chrome has been the target of phony extensions designed to spread malicious ads.  These extensions are delivered more often than not by users who google legit software but don't pay attention to the sites found by the search.  Be sure the download you seek is from the site of its maker and not a 3rd party who will slip you unneeded toolbars, extensions and malware.

The main intent of the attack on Chrome extension developers is to divert Chrome users to affiliate programs and switch out legitimate ads with malicious ones, ultimately to generate money for the attacker through referrals.

Windows support scams:  Microsoft taking down Fraud Kingpins


