I had an “interesting” bit of crap email this morning. I’m not sure that thieving threatening bastard email counts as “spam”, so I’ll continue to call it crap.
Basically, it’s a poorly spelled email that threatens me to stop downloading illegally copied copyright material from the web or else their “organisation”, ICS, will get me disconnected!
The mail has an attachment, a zip file, which contains an executable, which contains a Trojan which my NOD32 identifies as Win32/Spy.Goldun.NDJ trojan. I haven’t checked to see what it does, but I can guess.
This is the email content as it appears after NOD32 has cleaned it.
Your internet access is going to get suspended
The Internet Service Provider Consorcium was made to protect the rights of software authors, artists.
We conduct regular wiretapping on our networks, to monitor criminal acts.We are aware of your illegal activities on the internet wich were originating from
You can check the report of your activities in the past 6 month that we have attached. We strongly advise you to stop your activities regarding the illegal downloading of copyrighted material of your internet access will be suspended.
Sincerely
ICS Monitoring Team
__________ ESET NOD32 Antivirus warning, version of virus signature database 3444 (20080916) __________Warning, ESET NOD32 Antivirus found the following threats in the message:
user-EA49943X-activities.zip – Win32/Spy.Goldun.NDJ trojan – deleted
user-EA49943X-activities.zip > ZIP > user-EA49943X-activities.exe – Win32/Spy.Goldun.NDJ trojan – was a part of the deleted object
You get a point for spotting every item of bad spelling, syntax and clumsy speech!
Related posts:
- Combatting WordPress Trackback Comment Spam Two WordPress trackback spams lead our hero to investigate their...
- Email Spam Trojan Changes Slightly My recent post email-spam-trojans-hiding-on-websites-as-msnbc-breaking-news-items led with the effect and infection...
- Google Security to Crawling Chaos and Morals Google Security Spotlight: July Virus Attacks My last few posts...
- Even More on Baer Bank versus Common Decency/Law/Sense (WikiLeaks) More on the Julius Baer (un)Trust(worthy) goings on with WikiLeaks....
- Email Spam Trojans Hiding on Websites as MSNBC Breaking News Items For the past few weeks I suppose everyone has had...
Related posts brought to you by Yet Another Related Posts Plugin.
[...] out another nasty from an email that arrived today on one of my spam honeypot addresses. Unlike last time, this time the identical (to me) message contains a Worm instead of a Trojan as an attachment. [...]
Edit