Thanks John,

 

We received a short blast of them that started about 10:30 am CST. They appear to have stopped for now but we will keep our eyes open.

 

Bill

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John M. Troher
Sent: Tuesday, December 30, 2003 11:51 AM
To: [EMAIL PROTECTED]
Subject: [Modus] Heads Up People
Importance: High

 

We are seeing many of these messages coming in from all over the place to random if not dictionary recipients.

 

The message is designed to look like a delivery failure but closer examination points to other motives.

 

The majority of them all come from dynamic IP space like Road Runner, or Earthlink, AOL, etc. and are sent by The Bat, so this looks very suspect. In all cases the attached file is ‘fail.hta’.

 

You might want to add this file to your blocked attachments just in case.

 

John

 

-------------------

 

    Sender: [EMAIL PROTECTED]

IP Address: 65.25.173.185

 Recipient: [EMAIL PROTECTED]

   Subject: Your message delivery has been failed.

 MessageID: hBUG8D409464

    Report: HTML archives are very dangerous in email (fail.hta)

 

Full headers are:

 

 Return-Path: <g>

 Received: from rr.com (cpe-65-25-173-185.wi.rr.com [65.25.173.185])

      by mailin-2.isoc.net (8.11.6/8.11.6) with SMTP id hBUG8D409464

      for <[EMAIL PROTECTED]>; Tue, 30 Dec 2003 11:08:13 -0500

 Received: from CPE-65-25-173-185.wi.rr.com (CPE-65-25-173-185.wi.rr.com [65.25.173.185])

         by rr.com (8.12.8p1/8.12.8) with ESMTP id agieqd80104

         for <[EMAIL PROTECTED]>; Tue, 30 Dec 2003 14:13:35 -0400 (EST)

 Date: Tue, 30 Dec 2003 14:13:33 -0400 (EST)

 From: Mailer Daemon <[EMAIL PROTECTED]>

 X-Mailer: The Bat! (v1.61) Personal

 Reply-To: [EMAIL PROTECTED]

 X-Priority: 3 (Normal)

 Message-ID: <[EMAIL PROTECTED]>

 To: [EMAIL PROTECTED]

 Subject: Your message delivery has been failed.

 MIME-Version: 1.0

 Content-Type: multipart/mixed; boundary="----------083852498486863"
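
The mismatch described in this thread (a "delivery failure" that carries a desktop client's X-Mailer and an .hta attachment) can be checked mechanically. The following Python sketch is an added example, not part of the original messages or of any Modus feature; the function name, the heuristics and the sample message (placeholder addresses, constructed body) are assumptions modelled on the headers quoted above.

```python
from email import message_from_string

BLOCKED_EXTENSIONS = (".hta",)  # the thread names fail.hta; extend per local policy

# Constructed sample modelled on the quoted headers; addresses are placeholders.
SAMPLE = """\
Return-Path: <g>
From: Mailer Daemon <mailer-daemon@example.invalid>
X-Mailer: The Bat! (v1.61) Personal
To: user@example.invalid
Subject: Your message delivery has been failed.
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Delivery failed.
--b1
Content-Type: application/octet-stream; name="fail.hta"
Content-Disposition: attachment; filename="fail.hta"
Content-Transfer-Encoding: base64

PGh0bWw+PC9odG1sPg==
--b1--
"""

def fake_bounce_findings(raw):
    """Return the reasons a message posing as a bounce looks forged."""
    msg = message_from_string(raw)
    findings = []
    # Heuristic (assumption): sender or subject claims to be a delivery report.
    poses_as_bounce = ("daemon" in msg.get("From", "").lower()
                       or "delivery" in msg.get("Subject", "").lower())
    if poses_as_bounce:
        # Genuine DSNs (RFC 3464) are multipart/report with a null return path.
        if msg.get_content_type() != "multipart/report":
            findings.append("bounce look-alike is not multipart/report")
        if msg.get("X-Mailer"):
            findings.append("desktop mail client in X-Mailer: " + msg["X-Mailer"])
        if msg.get("Return-Path", "<>").strip() != "<>":
            findings.append("non-null Return-Path on a supposed bounce")
    for part in msg.walk():  # check every MIME part for a blocked file name
        name = (part.get_filename() or "").lower()
        if name.endswith(BLOCKED_EXTENSIONS):
            findings.append("blocked attachment: " + name)
    return findings

if __name__ == "__main__":
    for reason in fake_bounce_findings(SAMPLE):
        print(reason)
```
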

 
