Clever e-mail virus

I received this e-mail today, with an attached file called “Readme.pif”.

Dear user, the management of mailing system wants to let you know that,

Some of our clients complained about the spam (negative e-mail content)

outgoing from your e-mail account. Probably, you have been infected by

a proxy-relay trojan server. In order to keep your computer safe,

follow the instructions.

Pay attention on attached file.

Have a good day,

The team

Of course, I AM the team – AND Norton had deleted the PIF file before it even appeared in my attach directory (not that I have ever opened a PIF file in my life, or would – for that matter).

Its interesting to see I am not alone in receiving a virus/trojan this way. Norwegian blogger Anders Jacobsen also received a similar (but not exact replicate) of the message today: Cheeky cheeky spammers (Anders Jacobsen’s blog)

2 Responses to Clever e-mail virus

  1. GriLLo March 4, 2004 at 7:13 pm #

    It’s only kind of smart the virus, it works only for the US.

    here when I receive it, it says that “the management of mailing system”, because it is not supposed to handle the country suffix

  2. Jarle March 4, 2004 at 11:29 pm #

    They are doing an easy match to find the domain name. BUT its not right that it will only work for the US. While a few top level domains use “sub level domains” to distinguish between commercial, educational and government type sites, most don’t. (Like .no, .se, .dk, .de etc.)