E-Mail Alert - Phishing & Viruses
October 15, 2009
Phishing emails that look somewhat legit on the service
This email generally says:
Subject: A new settings file for the email@example.com mailbox
Supposedly from firstname.lastname@example.org
(actually it is from IP address 22.214.171.124 by mail.uk2.net;)
Dear user of the yourdomainname.com mailing service!
We are informing you that because of the security upgrade of the mailing service your mailbox (email@example.com) settings were changed. In order to apply the new set of settings click on the following link:
Best regards, yourdomainname.com Technical Support.
The link actually goes to a wsasdev.co.uk ip address.
Most good virus/trojan detection programs will pick this up and delete it but if your detection software is not up to date or you have a lousy detection program it could make it to your email box. If so delete it immediately.
Email with an virus infected zipped document.
Once again most up to date virus/trojan detection programs will kill this before it gets to your mailbox but if it does it looks like this:
Subject: Microsoft Outlook Notification for the firstname.lastname@example.org
Actually from IP address 126.96.36.199 which is from Monroe La. USA
- Please re-configure your Microsoft Outlook Again.
- Download attached setup file and install.
Which of course is virus infected.
A note: Microsoft would never send out anything, they always direct you to their site. Anyone can put anything in the Sender field, you need to look at the entire message header to see where it actually comes from. The same with any link in an email.