FYI: email with malicious attchmnt.
Tapang, Roderick Eugenio (GXS)
RoderickEugenio.Tapang at gxs.com
Fri Aug 8 23:24:27 EDT 2003
I know it's obvious to most subscribers that I am using an M$
email client. I've been receiving emails 'pretending' to be
coming from 'admin at andrew.cmu.edu' with a zipped attachment
containing a windows binary file named 'message.html'.
Anyone receiving such email here?
here's part of its header:
Received: (from postman at localhost)
by lists2.andrew.cmu.edu (8.12.9/8.12.0.Beta16) id h78DWB9C009162
for info-cyrus-list; Fri, 8 Aug 2003 09:32:11 -0400
Received: from mx2.andrew.cmu.edu (MX2.andrew.cmu.edu [22.214.171.124])
by lists2.andrew.cmu.edu (8.12.9/8.12.0.Beta16) with ESMTP id
for <info-cyrus at lists.andrew.cmu.edu>; Fri, 8 Aug 2003 09:32:11
Received: from localhost (bgp481418bgs.summit01.nj.comcast.net
by mx2.andrew.cmu.edu (8.12.9/8.12.3.Beta2) with SMTP id
for <info-cyrus at andrew.cmu.edu>; Fri, 8 Aug 2003 09:31:19 -0400
Date: Fri, 8 Aug 2003 09:30:52 -0400
Message-Id: <200308081331.h78DUqT7022420 at mx2.andrew.cmu.edu>
From: admin at andrew.cmu.edu
Content-Type: text/plain; charset=us-ascii
Content-Type: application/x-zip-compressed; name="message.zip"
Content-Disposition: attachment; filename="message.zip"
>From: admin at andrew.cmu.edu [mailto:admin at andrew.cmu.edu]
>Sent: Friday, August 08, 2003 9:31 AM
>Subject: your account shkouevo
>I would like to inform you about important information regarding your
>email address. This email address will be expiring.
>Please read attachment for details.
>Best regards, Administrator
More information about the Info-cyrus