Wednesday, September 29, 2010

please find enclosed.

Yesterday I received an email apparently coming from LinkedIn:



When we check the headers, the return path is: banquetedfwx14@rentanyapartment.com
I'm pretty sure LinkedIn does not use this email address for their communication ;) .

Enclosed is a file called resume_new.zip (40 KB)
MD5: 7227d2c555262145700be91ae991d91e
VirusTotal result is 25/43:
printable receipt.exe

Conclusion:
LinkedIn will not send you any emails where a "resume" is attached which is in fact an .exe file. Do not reply or open the attachment, simply delete the email.

Wednesday, September 22, 2010

[SPAM] Fresh event on Monday

A few days ago I received the following email:


-----Original Message-----
From: Clifford Hyatt [mailto:frobishere1@rothleycourt.com]
Sent: maandag 20 september 2010 15:37
To: *
Subject: Fresh event on Monday 9/27

Hey



Hope you are well.



Nissa asked that I email you information about the Fresh event we are hosting at Ger-Nis on Monday September 27th,
so if you wanted to you could be the mixologist and help us out with the drinks (beer and wine included).

Obviously, we will compensate you for your time, so if you are free,
we would love if you could help out!

Please find attached.

Please let me know as soon as you can.



Enjoy your weekend,



It contained an attachment called "02943Fresh event on Monday 927"

MD5: 69a8aca7452b5c1386f1933084dd5811
VirusTotal result: 20/43

At the time I was checking the link, it was already taken offline.
It tried to redirect me to http://nobletree.org/x.html .
Most probably you were redirected to a fake antivirus page.


Conclusion:

Please be careful when you receives messages from someone you
don't know, and certainly do not open any attachments.