This article excerpt, written by Brett Christensen, originally appeared here: http://ow.ly/Lypw5
Malware peddlers are once again trying to trick users into downloading malware by sending out fake emails impersonating domain administrators.
The email, with "Internal ONLY" in the subject line, prompts recipients to follow a link to an encrypted message:
In an effort to make the message seem relevant to each recipient, the URL leading to the supposed file contains the domain used in the recipient's email address.
For example, if you have an email address in the format your-name@your-service-provider.com, the link in the malware email will be displayed as:
"https:// your-service-provider.com/file/internal/EncryptedMessage".
In an effort to make the message seem relevant to each recipient, the URL leading to the supposed file contains the domain used in the recipient's email address.
For example, if you have an email address in the format your-name@your-service-provider.com, the link in the malware email will be displayed as:
"https:// your-service-provider.com/file/internal/EncryptedMessage".
In this case, the file towards which the link points is a .zip file containing a Trojan.
