Nasty Worm

I got a particularly evil worm housed in a particularly evil socially engineered email. No it never executed…I just want to warn others who might fall prey to its scheme. It’s targeted at people who have their own domains, and I know a lot of people who have domains and might not be keen enough to catch this one. No offense of course. Just looking out for you. The email is a spoofed email warning you about spoofed emails. Here’s what mine looked like:<blockquote>—– Original Message —–

From: {fake}@integrationresearch.org

To: {my email}

Sent: Friday, May 28, 2004 9:37 AM

Subject: Email account utilization warning.

Dear user of Integrationresearch.org,

Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

Please, read the attach for further details.

For security reasons attached file is password protected. The password is “56800”.

Sincerely,

The Integrationresearch.org team http://www.integrationresearch.org</blockquote>Like I said. Evil. Attached was a zipped file and in the zip was a worm.