Re: Latest social engineering

From: ap§ (alan_at_btinternet.com)
Date: 03/30/04

  • Next message: ap§: "Re: Encrypted folders" 
    Date: Mon, 29 Mar 2004 22:21:47 +0000 (UTC)

    Jim Watt wrote:

    > The wording in those mass mail trojans is getting subtle;
    >
    > insert <domain> of choice
    >
    > From: noreply@<domain>
    > Hello user of <domain> e-mail server,
    >
    > Some of our clients complained about the spam (negative e-mail
    > content) outgoing from your e-mail account. Probably, you have been
    > infected by a proxy-relay trojan server. In order to keep your
    > computer safe, follow the instructions.
    >
    > For further details see the attach.
    >
    > Cheers,
    > The <domain> team http://www.>
    >
    > ---------------------------
    > Certainly looks good unless you ARE the <domain> team
    > in question ...
    >
    > However, in this case the mail server deletes all
    > suspicious attachments as a security measure.
    > so TextFile.pif failed to solve my 'security problem'
    >
    >
    > --
    > Jim Watt
    >     http://www.gibnet.com

    Yeah :-) I've had a couple of them as well. For example, I also run the
    SexyZebra.com site and have been recieving many of these:
    ***

    Hello user of Sexyzebra.com e-mail server,

    Our main mailing server will be temporary unavaible for next two days,
    to continue receiving mail in these days you have to configure our free
    auto-forwarding service.

    For more information see the attached file.

    For security purposes the attached file is password protected.
    Password is "73805".

    Sincerely,
          The Sexyzebra.com team
    http://www.sexyzebra.com

    ***

    It's very convincing, nearly fooled my dad anyway 

    -- 
alan att alancode dot net
Alan P			Do not use address listed in To field above!
http://alancode.net 	http://pictures.alancode.net
  • Next message: ap§: "Re: Encrypted folders"
    • Quantcast