[IP] Cleverer than usual virus emails...
On Jun 13, 2005, at 1:34 PM, Robert Raisch wrote:
Dave,
A company I know has received several complaints from its employees
of virus-carrying messages that appear to come from the employee's
own domain, its subject is "Important Notification", the message
carries a viral trojan within its "account-info.zip" attachment and
the body says the following: (Note I have changed the name of the
recipient's domain to "[Domain]" within the message)
--
Dear [Domain] Member,
Your e-mail account was used to send a huge amount of unsolicited
spam messages during the recent week. If you could please take 5-10
minutes out of your online experience and confirm the attached
document so you will not run into any future problems with the online
service.
If you choose to ignore our request, you leave us no choice but to
cancel your membership.
Virtually yours,
The [Domain] Support Team
--
It appears the virus takes the name of the intended recipient's own
domain and uses it to rewrite the content of the message, making it
appear legitimate. So if the recipient's email address was
"user@xxxxxxxxxxx", the message would start with "Dear Example
Member," and end with "Virtually yours, The Example Support Team"
Needless to say, I find this simple search/replace a fascinating
indication of things to come.
/rr
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/