[ale] (fwd) Is this a trojan/worm?
Bob Toxen
bob at verysecurelinux.com
Fri Mar 5 19:00:33 EST 2004
On Fri, Mar 05, 2004 at 10:51:45AM -0500, tfreeman at intel.digichem.net wrote:
> Well this showed up in the mail spool this morning. It is obvious social
> engineering here, as I run this domain, but I'm usure what these turkeys
> are trying to do. Pine didn't bring all the headers forward, but I can get
> them to you if you want it.
> Anybody recognize this garbage??
Yup. The latest virus. It has clever social engineering to get people
to open the attachment. Some variants talk about the email server being
down, use this alternate one. Others talk about account cancelled.
The virus and spam filter I created had no problem blocking it for
my clients.
Bob Toxen
bob at verysecurelinux.com [Please use for email to me]
http://www.verysecurelinux.com [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.
"Microsoft: Unsafe at any clock speed!"
-- Bob Toxen 10/03/2002
> --
> =============================================
> If you think Education is expensive
> Try Ignorance
> Author Unknown
> ============================================
>
> ---------- Forwarded message ----------
> Date: Fri, 05 Mar 2004 10:40:53 +0200
> From: management at digichem.net
> To: tfreeman at intel.digichem.net
> Subject: Notify about using the e-mail account.
>
> Dear user of e-mail server "Digichem.net",
>
> Your e-mail account has been temporary disabled because of unauthorized access.
>
> Further details can be obtained from attached file.
>
> In order to read the attach you have to use the following password: 34183.
>
> Best wishes,
> The Digichem.net team http://www.digichem.net
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list