So a guy at work opened an attachment from the 'IRS'.

[Homercidal]

I'm in process of re-installing. Not worth the time to try and clean it up. He really needed a fresh install anyway.

Just wanted to say that one of his email archive files was 10GB in size. Yes, you read right, 10 GIGABYTES! He knows the meaning on the term CYA.

Oh, and on top of that, someone else rebooted their computer and got the "NTLDR is missing." message, so that's running a repair now too.

FML.

Can't always sit around surfing HBT all day.

 

[Revvy]

It was one of those fake ones, right? I got one from the "FBI" yesterday. It was kinda funny, I almost started a thread about it.

 

[JeepDiver]

Just wanted to say that one of his email archive files was 10GB in size. Yes, you read right, 10 GIGABYTES! He knows the meaning on the term CYA.

.

Got better since than to open an IRS email, but I never delete emails. All of my folders (include yearly archives) total from the 4 years on this job is probably about 20GB

 

[Homercidal]

If by fake you mean not actually from the IRS, then yes. But it was definitely real in the sense that I REALly have to reload his computer now.

 

[SenorPepe]

lol what was the email address? [email protected]?

 

[Homercidal]

Got better since than to open an IRS email, but I never delete emails. All of my folders (include yearly archives) total from the 4 years on this job is probably about 20GB

Normally he would have yearly archives that are about 1.5-2GB each, but for some reason his past 2 years never got separated, and his archive accumulated for the past almost 3 years.

To be fair, that is not out of line for someone who regularly receives engineering files. But he doesn't really need to keep them that far back, since his standard MO is to ask one of his guys to pull up files for him, on their computers. He can't be bothered to look up phone numbers or files. He has someone else do that, usually.

 

[Homercidal]

lol what was the email address? [email protected]?

I think it was [email protected]

 

[SenorPepe]

ahhh slightly more complicated. I always wonder how people get tricked into opening emails that are clearly not from the same domain.

 

[Revvy]

ahhh slightly more complicated. I always wonder how people get tricked into opening emails that are clearly not from the same domain.

Most people are basically idiots.....

 

[KFH]

I'm in process of re-installing. Not worth the time to try and clean it up. He really needed a fresh install anyway.

Just wanted to say that one of his email archive files was 10GB in size. Yes, you read right, 10 GIGABYTES! He knows the meaning on the term CYA.

Oh, and on top of that, someone else rebooted their computer and got the "NTLDR is missing." message, so that's running a repair now too.

FML.

Can't always sit around surfing HBT all day.

So have you already beaten him severely for being so pants-on-head retarded, or do you plan on this after the computer is reimaged?

 

[Rev2010]

I'm an IT Tech for a living as well so I feel your pain man!! Matter of fact I even got so sick and tired cleaning up the wife and sister-in-law's laptops (malware & viruses) as well as several attorney's personal laptops that kept getting infected.

My solution? Believe it or not I switched everyone over to Ubuntu Linux, it's what I use as my general use machine; I have a Win 7 audio DAW that I do my music on and stays off the net. The wife got Linux, her sister, even my mother when I gave her a computer. At work I set all the repeat offenders personal laptops to a dual boot Windows / Linux and told them to use Linux for EVERYTHING except what they absolutely can only do in Windows (which is very very little these days). Guess what... I no longer have any hassles anymore with these repeat offenders and they all tell me how much they love Linux now and never go into Windows anymore.

Our work machines are Windows 7 and luckily we have a pretty good web filter (IronPort and before that WebSense) as well as antivirus etc and most users email us about suspicious emails rather than clicking them. My last firm had a wide open internet and I had sooo many days I was just going to walk off the job because I got sick and tired of cleaning out malware and viruses all day long. It became my primary task. Glad to have left that place.


Rev.

 

[SenorPepe]

Ubuntu FTW!

 

[JeepDiver]

ahhh slightly more complicated. I always wonder how people get tricked into opening emails that are clearly not from the same domain.

Back in the late 90's at a company I worked for one of the customer service girls got an attachment from a client she couldn't open so she forwarded it to our head IT guy. He proceded to open iloveyou.vbs and infected the entire network. He keep his job but after that the programmers no longer called him an idiot behind his back, we started doing it to his face

 

[ReverseApacheMaster]

I've been getting a lot about a speeding ticket in NY instructing me to send payment to a PO box somewhere in NY. They come with attachments too so they get two bites at the apple to scam people.

Obviously I should quit driving in NY (I never have).

 

[Homercidal]

Most people are basically idiots.....

This guy isn't most people... (snicker) He's above the "Basic" level.

Actually, he's not an idiot, but he plays one on the computer.

I took him down to a different desk and logged him into the webmail on a training computer. A few minutes later one of the guys down there called and said the guy didn't like webmail and wanted to know if he can have Outlook.

Well, I told him I didn't have a spare Cadillac with the guy's radio presets all ready for him, so he'll have to drive the Pinto until his Cadillac is back from the shop. I told him to tell the guy I wasn't the one who drove the cadillac into the tree. I got a nice chuckle from that, and I let him drive the Pinto for about an hour before I set up the Outlook for his email.

He's just one of those busy sales guys who thinks they are God's gift to the company and can't be bothered by such mundane things like keeping their email clean and whether or not they could be clicking on something dangerous.

If he didn't bring us so much work, I'd stretch his pain out a little longer.

 

[Hinermad]

This guy isn't most people... (snicker) He's above the "Basic" level.

Like this?

The original souce: Saturday Morning Breakfast Cereal

Dave

 

[Homercidal]

Like this?

The original souce: Saturday Morning Breakfast Cereal

Dave

I get the "Why do we need passwords, I don't have anything to hide." all the time.

As of now, I've been sorting his email for a couple of hours. This, after reloading all of his apps this morning. At least I'm going to get paid for it.

I should really be doing something useful though. Plus, I took his computer home, so I can work on it and drink beer.

 

[Rev2010]

I get the "Why do we need passwords, I don't have anything to hide." all the time.

You know what pisses me off more? Hearing, "Man, if we used Mac's we wouldn't get viruses. My Mac at home never has this problem". God that gets me mad. And I can't just turn around and tell them, "OK numbnuts... for one Mac's only recently broke 10% of the market share meaning there are sooo many more Windows PC's out there and that is why viruses and malware are written and targeted toward that platform.

Two, you work in a law firm with many specialized apps that aren't even available on the Apple platform!!!!

Three, Macs simply are not really designed for super large company network integration. We have thousands of users between all our offices (sorry to upset anyone but Macs just really aren't ready for that large an enterprise prime time just yet.)

Four, if you weren't so stupid as to launch attachments from senders you don't know or from emails that are clearly suspicious you wouldn't have this problem! Also, looking for nude pics of Scarlett Johansson on your work computer and clicking links to any clearly dubious .ru site is the problem NOT your machine."

But of course... I can't say these things to the attorneys or I'll get canned. I try to explain it as nicely as I can when I'd rather chew them out and put them in their place.


Rev.

 

[copyright1997]

But of course... I can't say these things to the attorneys or I'll get canned. I try to explain it as nicely as I can when I'd rather chew them out and put them in their place.


Rev.

Maybe they need some of that nice, juicy, client-attorney confidential data splattered all over servers in Russia and other places before they listen.
(Spoken from someone having done sw development for a long time - multiple patents - now retired with time to brew )

As an aside (I figure you know this, just trying to help others), the IRS has stated they do not discuss tax matters via email. Here's an example of where they state this:

 

[stamandster]

If you can setup a squid proxy and start blocking sites Also, opendns.org has some nice options for blocking based on content type. We've been getting the ACH Transactions, Fedex delivery, Xerox Scanned document, etc.

Spearphishing is certainly an issue and even with mitigation's in place we still need to keep reminding our users to be discerning. We have them sign a policy dictating their browing habits and emails they should/shouldn't be opening. If they get a virus from surfing for wallpapers or birthday imagery they get reprimanded. It's that simple. We do our best to keep the network secure, they should too. We continually remind our users of safe browsing and email usage that way the we keep the onus on them.

I guess the best analogy is this. A car is built with as many safety features currently available and during normal conditions it can be safe to drive. However, we all personally take into account inherent dangers of driving when we start the key and proceed. For instance driving too fast or under the influence can get you killed. No matter how many safety features there are they aren't going to stop a tree from killing you if you're doing 120mph. Would these people still complain, if they lived, that there should have been more safety features to keep them from getting hurt? I would say more safety features from the plague of stupidity.

Oh and that whole nude pictures thing would've gotten any user canned immediately. Even a top level exec. A policy is only as good as if you enforce it.

 

[Homercidal]

Eh. This guys brings too much business to be really hard on him. I changed his virus scanner and made sure the email was integrated in it. We've had problem with McAffee.

At least there was some tasty pictures from CL girls in his email...

 

[TxBrew]

I think it was [email protected]

Russia and the IRS are cohorts? I knew it!

 

[Bernie Brewer]

We've had problem with McAffee.

Doesn't everybody?

 

[stamandster]

McAfee ePO's not that bad... i mean there's a level of horribleness in every anti virus solution i've used.

 

[Homercidal]

Doesn't everybody?

I can live with "We got it for free" only for so long.

I'd rather buy a site license for AVG than keep using McAfee. I can tell you that when I put in for AV software it won't be McAfee or Norton's.

The computer that I used to transfer files for burning deleted the .exe attachment from his documents folder right away. So where was McAfee??

 

[JeepDiver]

I can live with "We got it for free" only for so long.

I'd rather buy a site license for AVG than keep using McAfee. I can tell you that when I put in for AV software it won't be McAfee or Norton's.

The computer that I used to transfer files for burning deleted the .exe attachment from his documents folder right away. So where was McAfee??

My Company uses MS Forefront. It works fairly well once you get the right exceptions put in.

I also use it on my home machines. It's free for them, not sure about the corp license.

 

[TheMan]

He's just one of those busy sales guys who thinks they are God's gift to the company and can't be bothered by such mundane things like keeping their email clean and whether or not they could be clicking on something dangerous.

If he didn't bring us so much work, I'd stretch his pain out a little longer.

It's always the sales people...always. I think they are missing part of their brain, called common sense.

 

[TomSD]

Yeah passwords... my clients hate me for that and they just don't get why they are so important. I implemented a pretty harsh policy on passwords taking them from one letter or space to symbols, upper, lower, number and length requirements that have to be reset every 90 days and a history to stop them from using the same ones over and over. Man did I catch crap for a couple months after that. Now they all do it without even thinking about it, lol.

As for users. I'm not sure which is worse. The computer illiterate that just never seem to learn no matter how much you try and teach/show them or the self proclaimed computer experts that do everything in their power to "help" but only manage to utterly thrash everything in the process then look all confused when I want to kill them.

 

[CHefJohnboyardee]

I've been out of computer work/tech knowledge for so long I let the tech guys do everything. I don't even try to help.

It keeps life simple. I just do my inventory and sync it with current food prices to know what I'm sitting on and how much I'm spending a month...

 

[Burgs]

I feel your pain on the 10gb Outlook file... we have people that keep their deleted items folder so large that it hits the 2gb mailbox limit, and then when they can't send any more email, they auto-archive the stuff from the deleted folder.

No amount of me telling them that I don't back that sh*t up has made a difference. Oh, and they also want to be able to use instant search on their 10-15+ gb .ost file. Pretty awesome habits.

 

[Homercidal]

We have a lady here who used to keep her saved items IN THE DELETED ITEMS FOLDER!

She lost it once and tried to tell me, "It's never been a problem before (so fix it)."

I mean, the LAST place I would put anything I wanted to save is the friggin trash folder!

Luckily for her corporate was able to retrieve her data from the server somehow. We don't have that luxury now since we are using an ISP until I manage to install our own server. So she can't use the deleted items folder cause there ain't one!

 

[Burgs]

I know exactly what you mean. That deleted items folder is sacred to people. Mine's ... empty, so I must be weird.

To add insult to injury, the stuff my coworkers are saving isn't even important or unique. We have web systems that generate alert emails and status updates and these emails get sent to a group of 7-8 people. So we're sending out 8 copies of the same thing and everyone needs to save it forever. No one listens to me when I try to express how much that hurts my soul.

Why are you wanting to run your own server? Maybe it's a grass is always greener thing but I'd love to have an offsite solution.

 

[bernerbrau]

I feel for you sysadmins.

I've been bugging my sysadmin to let me run linux on my box for 4 months now. I'm sure he'll crack sooner or later.

 

[lschiavo]

Maybe they need some of that nice, juicy, client-attorney confidential data splattered all over servers in Russia and other places before they listen.
(Spoken from someone having done sw development for a long time - multiple patents - now retired with time to brew )

As an aside (I figure you know this, just trying to help others), the IRS has stated they do not discuss tax matters via email. Here's an example of where they state this:

I'm not clicking that link in a thread like this

 

[david_42]

Macs! I remember when Apple computer were the primary virus target, because fanboys would put anything on their computers. One dork used an Apple bridge to cross-connect to different subnets, so he didn't have to walk an extra 30 feet to a printer. Brought 170 other people to a grinding halt.

And it didn't even work for him!

 

[copyright1997]

I feel your pain on the 10gb Outlook file... we have people that keep their deleted items folder so large that it hits the 2gb mailbox limit, and then when they can't send any more email, they auto-archive the stuff from the deleted folder.

No amount of me telling them that I don't back that sh*t up has made a difference. Oh, and they also want to be able to use instant search on their 10-15+ gb .ost file. Pretty awesome habits.

I'm one of those weird folks that doesn't like to get rid of anything. I still have 10-20 GB of Lotus notes mail databases from when I worked (retired now), and I never delete stuff from my home email (I use thunderbird). At home, DISK is CHEAP (note I didn't say that about a work environment, hey I know how much it cost - I was on a sales team selling the stuff). But at home I have automatic backup of a few laptops and a couple other systems to a FreeNas server w/disk raided with ZFS, and I also occasionally backup some of my backups and send them "off-site" (out of my house and away from the immediate area). All in all, I'd say I have somewhere between 15-20TB of disk.

 

[Burgs]

I'm one of those weird folks that doesn't like to get rid of anything. I still have 10-20 GB of Lotus notes mail databases from when I worked (retired now), and I never delete stuff from my home email (I use thunderbird). At home, DISK is CHEAP (note I didn't say that about a work environment, hey I know how much it cost - I was on a sales team selling the stuff). But at home I have automatic backup of a few laptops and a couple other systems to a FreeNas server w/disk raided with ZFS, and I also occasionally backup some of my backups and send them "off-site" (out of my house and away from the immediate area). All in all, I'd say I have somewhere between 15-20TB of disk.

Hoarder!

 

[stamandster]

Yeah in a corporate environment disk is certainly NOT cheap. A couple terabyte SAN will cost you a cool couple thousand at least. Especially when you mix in all the cool features like auto snapshots and replication, oh and support

It's funny that people still use PST's because they most likely keep them on a file server. MS specifically states to NEVER store PST's on a mapped drive because of file locking and performance issues. The most I've ever heard of having to keep email is 7 years. The longest we do at where I work is 25 months and that's just appease auditors (not even a regulatory requirement). We have email archiving too but we don't let end users know we have it