Slightly sanitized (removed user's email address):
Dear user (email address), We have detected that your account was used to send a large amount of unsolicited e-mail messages during the last week. Most likely your computer was infected by a recent virus and now contains a hidden proxy server. We recommend that you follow our instruction in the attached file in order to keep your computer safe. Best wishes, The blueridgecarpet.com support team. Attached was a file called "blueridgecarpet.com" As we all know, .com files are executable. I wish I could prevent executable files from being received in email, but I don't think I can. John-AldrichTile-Tools From: Todd Lemmiksoo [mailto:[email protected]] Sent: Wednesday, November 11, 2009 11:47 AM To: NT System Admin Issues Subject: RE: FYI -- fake email abuse warning yes, please send. Todd _____ From: John Aldrich [mailto:[email protected]] Sent: Wednesday, November 11, 2009 11:09 AM To: NT System Admin Issues Subject: FYI -- fake email abuse warning One of my users was sent a bogus email abuse warning stating that his account had been flagged because his "account was used to send a large amount of unsolicited e-mail messages during the last week." They had an attachment that was flagged by AVG as a virus and so the email was bounced back to me as the return address was [email protected] which comes to me. I've never seen this particular social engineering stunt before and thought I'd pass it along to you guys. I can pass along the text of the bounced message (sans attachment, of course! <G>) if anyone wants it. John-AldrichTile-Tools No virus found in this incoming message. Checked by AVG - www.avg.com Version: 8.5.425 / Virus Database: 270.14.60/2496 - Release Date: 11/11/09 07:40:00 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
<<image001.jpg>>
<<image002.jpg>>
