Malicious Internal Emails

This article excerpt, written by Brett Christensen, originally appeared here:

Malware peddlers are once again trying to trick users into downloading malware by sending out fake emails impersonating domain administrators.

The email, with "Internal ONLY" in the subject line, prompts recipients to follow a link to an encrypted message:

In an effort to make the message seem relevant to each recipient, the URL leading to the supposed file contains the domain used in the recipient's email address.

For example, if you have an email address in the format, the link in the malware email will be displayed as: 

In this case, the link points to a .zip file that contains a Trojan.